WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93125 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Vista Security 2011 Virus Problem

Started by Ultilee Stupid , Mar 31 2011 03:24 PM

This topic is locked

39 replies to this topic

#1 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 31 March 2011 - 03:24 PM

Hi, today something called "Vista Total Security 2011" started popping up and telling me i have infections, scans and tells me i have 31 Infections.

I looked up the problem and found this page

http://www.precisese...-security-2011/

I followed the instructions as close as possible then scaned the PC with Malwarebytes Anti-Malware, COMODO, Avira and scaned with HouseCall 7.1, all say i'm clean but on startup "Vista Total Security 2011" keeps popping up and doing the same thing. I share the PC with two others but it's only happening on my side of things.

The site is telling me to delete things that look like

(random characters).exe
winupdate86.exe

But i'm worried i'll end up deleting something i shouldn't. (as you can tell i'm not completly tech savy

)

Please help thanks.

Apologies i forgot i should have posted a HijackThis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:50:23, on 31/03/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:WindowsSystem32igfxpers.exe
C:WindowsSystem32hkcmd.exe
C:Program FilesAviraAntiVir Desktopavgnt.exe
C:Windowsehomeehmsas.exe
C:Program FilesCOMODOCOMODO Internet Securitycfp.exe
C:UsersUltimoLeeAppDataLocalpgv.exe
C:Windowssystem32igfxsrvc.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesMozilla Firefoxplugin-container.exe
C:Windowssystem32NOTEPAD.EXE
C:Windowssystem32NOTEPAD.EXE
C:UsersUltimoLeeDownloadsHiJackThis.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe

--
End of file - 1205 bytes

Advertisements

Register to Remove

#2 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 01 April 2011 - 02:57 PM

Hi Ultilee Stupid, welcome to the forum.

To make cleaning this machine easier

Please do not uninstall/install any programs unless asked to
It is more difficult when files/programs are appearing in/disappearing from the logs.
Please do not run any scans other than those requested
Please follow all instructions in the order posted
All logs/reports, etc.. must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked.
Do not attach any logs/reports, etc.. unless specifically requested to do so.
If you have problems with or do not understand the instructions, Please ask before continuing.
Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine.

Go HERE to get a randomly named copy of GMER. Scroll down to the Download section and click Download EXE. Save it to your desktop.

Before scanning with GMER, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Right click on the file you downloaded and click "Run as Adminstrator" . If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

Click the image to enlarge it
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and post it in your next reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

If GMER will not run in normal windows, please run it in Safe Mode

Next

Download OTL to your desktop.

Right click on OTL.exe "Run as Adminstrator" to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output
Check the boxes beside LOP Check and Purity Check.
In the window under Custom Scans/Fixes copy and paste the following

netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lîk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Deskuop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
/md5stop
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Please post back with

GMER log
both OTL logs

Thanks

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#3 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 01 April 2011 - 04:03 PM

Hi, i downloaded GMER and ran as admin but on the left handside under

Type|Name|Value

Something to do with COMODO has appeared, 4 Lines

Attached... \Driver\tdx Device

i closed and then exited COMODO but it's still showing up.

Should i just proceed with the scan?

also could this virus be a big problem?

#4 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 02 April 2011 - 01:22 AM

Hi Ultilee Stupid,

That's normal, GMER is just reporting it found something. In this case it was some Comodo references. Please continue the scan.

also could this virus be a big problem?

We will know that when the logs are posted.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#5 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 05:37 AM

GMER Scan

edit: having a problem posting it, the board is telling me i haven't entered a post

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-02 11:59:26
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3160815AS rev.4.ADA
Running: f7pmgey4.exe; Driver: C:\Users\VJones\AppData\Local\Temp\kxldipow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8D237F8E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8D238F5C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8D238174]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8D2373FA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8D237BF4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8D2372DC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8D237A82]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8D238C16]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThread [0x8D236EA2]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0x8D236CD4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8D238898]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8D23767E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8D237DD0]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenProcess [0x8D236A04]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8D23790E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenThread [0x8D236B7C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8D2393C6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8D238634]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8D238A46]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8D237618]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8D237802]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateProcess [0x8D2371A6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8D237074]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8D238280]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAcceptConnectPort [0x82FD8E5B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheck [0x82E492C5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x83011541]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByType [0x82E4B010]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x83009149]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x82EFEEDA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x830BE569]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x830BE5B2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddAtom [0x82FD9025]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddBootEntry [0x830D3EC6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddDriverEntry [0x830D516A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustGroupsToken [0x8301193C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertResumeThread [0x830B151D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertThread [0x8302A1E5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x82FDF587]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x830A2C69]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUuids [0x82FBFA14]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateVirtualMemory [0x830664AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcAcceptConnectPort [0x8300871B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCancelMessage [0x82FD2835]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreatePortSection [0x82FFAD35]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateResourceReserve [0x82FCE243]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateSectionView [0x82FFAB05]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcCreateSecurityContext [0x83002967]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeletePortSection [0x82FFAECF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteResourceReserve [0x8309E4C9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteSectionView [0x8301344B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDeleteSecurityContext [0x83012175]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcDisconnectPort [0x830105E8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcImpersonateClientOfPort [0x8301545F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcOpenSenderProcess [0x82FD973E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcOpenSenderThread [0x82FDB300]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcQueryInformation [0x82FF7D2E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcQueryInformationMessage [0x8301690F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcRevokeSecurityContext [0x8309E5EC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcSendWaitReceivePort [0x8305B96B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlpcSetInformation [0x82FF72D0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwApphelpCacheControl [0x82FEC203]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAreMappedFilesTheSame [0x8309F39F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAssignProcessToJobObject [0x82FDBB13]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCallbackReturn [0x82ECB31C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelDeviceWakeupRequest [0x830ACD4B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFile [0x82FCF669]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelTimer [0x82E4267B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClearEvent [0x830531DB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClose [0x83058CC1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x83011466]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompactKeys [0x830728F2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompareTokens [0x82FD24DD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompleteConnectPort [0x82FD8ED8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompressKey [0x83072B7D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwContinue [0x82E6C750]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDebugObject [0x83081DDA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDirectoryObject [0x82FDE547]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEvent [0x83030D37]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEventPair [0x830D9584]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateIoCompletion [0x82FEA907]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobObject [0x82FC8FDA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobSet [0x830B328B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x8300D0D0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyTransacted [0x82FB2FB4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMailslotFile [0x82FC5D6C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMutant [0x8303E7BC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateNamedPipeFile [0x82FEC718]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePrivateNamespace [0x82FB16DA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePagingFile [0x82F6F1F4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcess [0x830AFD63]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcessEx [0x830AFDAE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfile [0x830D9C07]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSemaphore [0x82FF5CC3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTimer [0x82FD8A9F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateToken [0x82FE029F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransaction [0x82FC4730]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransaction [0x830C196D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransaction [0x830C1B7C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransactionManager [0x82F92A65]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareEnlistment [0x830C12A4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareEnlistment [0x830C11E3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitEnlistment [0x830C1365]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadOnlyEnlistment [0x830C17E9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackComplete [0x830C18A8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackEnlistment [0x830C1426]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitTransaction [0x82FB54EE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackTransaction [0x82F95728]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareComplete [0x830C15A8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareComplete [0x830C14E7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitComplete [0x830C1669]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSinglePhaseReject [0x830C172A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransaction [0x830C2451]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransactionManager [0x830C2CBB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationResourceManager [0x82F93457]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransactionManager [0x82F97CA8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransactionManager [0x82F936DB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRenameTransactionManager [0x830C2A83]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollforwardTransactionManager [0x830C2BF0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverEnlistment [0x830C0D2C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverResourceManager [0x82F9888D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverTransactionManager [0x82F986D4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateResourceManager [0x82F98257]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenResourceManager [0x82F92FA5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNotificationResourceManager [0x82F988E1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationResourceManager [0x830C2837]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEnlistment [0x82F949FC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEnlistment [0x830C0B63]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationEnlistment [0x830C0FF4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationEnlistment [0x830C0D87]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWaitablePort [0x82F98D04]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugActiveProcess [0x83082CE2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugContinue [0x830833A3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDelayExecution [0x83051E56]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteAtom [0x82FCFB90]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteBootEntry [0x830D3EF7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteDriverEntry [0x830D519B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteFile [0x82F8EC5E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteKey [0x82FD06F7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeletePrivateNamespace [0x830A8071]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x8306CE64]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteValueKey [0x82FCBC98]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeviceIoControlFile [0x83066478]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDisplayString [0x82F6DBE5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateToken [0x8300DB16]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateBootEntries [0x830D40F8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateDriverEntries [0x830D539A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateKey [0x8301B463]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x830D3CC7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateTransactionObject [0x830C223F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateValueKey [0x82FF0335]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwExtendSection [0x830A10BB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFilterToken [0x82FC7F71]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFindAtom [0x82FCF8E9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushBuffersFile [0x83029D8B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstructionCache [0x82FCDF19]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushKey [0x82FA2427]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushProcessWriteBuffers [0x82E36585]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushVirtualMemory [0x82FCB98C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushWriteBuffer [0x830A3CD2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeUserPhysicalPages [0x830A339B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeVirtualMemory [0x82EA2F5D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreezeRegistry [0x82EE1836]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreezeTransactions [0x830C26CC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFsControlFile [0x83064094]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetContextThread [0x82F97A6A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetDevicePowerState [0x830ACD79]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNlsSectionPtr [0x82FC6201]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetPlugPlayEvent [0x82FB1439]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetWriteWatch [0x82EEFCE4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateAnonymousToken [0x82FD8EE2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateClientOfPort [0x82FF4092]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateThread [0x82FEE4E4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeNlsFiles [0x82FEF190]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeRegistry [0x82F8DAFF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitiatePowerAction [0x830ACB54]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsProcessInJob [0x8306FC9E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x830ACD5F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwListenPort [0x82F7E60A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey [0x82F7B156]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey2 [0x82F719BC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKeyEx [0x82F9E843]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockFile [0x82FDF613]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockProductActivationKeys [0x82FC4D72]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockRegistryKey [0x82F5F632]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockVirtualMemory [0x82E39D0B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakePermanentObject [0x82FC719C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPages [0x830A1FFE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x830A2573]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapViewOfSection [0x8302E82A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwModifyBootEntry [0x830D40C7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwModifyDriverEntry [0x830D536B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x830097AF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeKey [0x82FDD5D9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x82FDCA51]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenDirectoryObject [0x8303E042]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEvent [0x83017D5F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEventPair [0x830D96B3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenIoCompletion [0x8308B6CD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenJobObject [0x830B2F83]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x83026626]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyTransacted [0x82FB2F59]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenMutant [0x8302FAF1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenPrivateNamespace [0x8306E931]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x82FB7F15]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessToken [0x8301F9BE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessTokenEx [0x8301C7E9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSemaphore [0x82FC3EBE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSession [0x82FC1B8E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x82FF550D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadToken [0x8303A258]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadTokenEx [0x83037161]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTimer [0x830D930F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPlugPlayControl [0x82FCE8E7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPowerInformation [0x83027614]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeCheck [0x83008ED5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x82FAB9AF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x82FCDFE8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwProtectVirtualMemory [0x8303828D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPulseEvent [0x830704B3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryAttributesFile [0x8303E0FC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryBootEntryOrder [0x830D45A9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryBootOptions [0x830D4A05]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDebugFilterState [0x82EDBAA5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultLocale [0x82FEF10E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultUILanguage [0x82FA5696]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryFile [0x83027095]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryObject [0x8302F6BE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDriverEntryOrder [0x830D4F1B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEaFile [0x82F7B177]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEvent [0x82FD19F7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryFullAttributesFile [0x82FF0AB0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationAtom [0x82FCFA3D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationFile [0x8301F173]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationJobObject [0x82FA7E83]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationPort [0x8309D5D9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationProcess [0x8302BF59]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationThread [0x83051EFB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationToken [0x8301C914]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInstallUILanguage [0x82FA5A1A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIntervalProfile [0x830DA107]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIoCompletion [0x8308B7A4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryKey [0x8301BF16]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMultipleValueKey [0x83072167]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMutant [0x830D9A04]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryObject [0x83004343]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeys [0x830723C3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeysEx [0x83069F68]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPerformanceCounter [0x830530ED]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryQuotaInformationFile [0x8308C990]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySection [0x8303E68B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySecurityObject [0x82FF2CD2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySemaphore [0x830D2EFA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x82FE5038]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x830D30EF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x830D36FD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemInformation [0x83053229]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemTime [0x8302A146]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimer [0x830D93E2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimerResolution [0x82FCED92]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryValueKey [0x8303B8F8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVirtualMemory [0x8301F9DE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVolumeInformationFile [0x83063BB8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueueApcThread [0x82FCF837]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseException [0x82E6C798]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseHardError [0x82F97178]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFile [0x83028CB5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFileScatter [0x82FA1155]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadRequestData [0x8309D699]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadVirtualMemory [0x82FF0986]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x830B0C50]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseMutant [0x83051D3C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseSemaphore [0x83006698]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletion [0x8302BDC5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveProcessDebug [0x83082E2D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRenameKey [0x8307266C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplaceKey [0x83071F76]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplacePartitionUnit [0x82EEA38F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyPort [0x82FFF6DF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePort [0x83057E59]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x83057D08]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReplyPort [0x8309D86F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestPort [0x8302A236]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestWakeupLatency [0x830ACAF7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetEvent [0x82FD642D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetWriteWatch [0x82EF044D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRestoreKey [0x83070D72]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeProcess [0x830B14B7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeThread [0x83039AF5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKey [0x83070F29]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKeyEx [0x830710C7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveMergedKeys [0x8307129F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetBootEntryOrder [0x830D47F8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetBootOptions [0x830D4CFA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetContextThread [0x830B0867]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDebugFilterState [0x82F5C4A8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x82F78758]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultLocale [0x82FA5421]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultUILanguage [0x82FA58F8]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDriverEntryOrder [0x830D57AB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEaFile [0x8308C3E0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEvent [0x830513A4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEventBoostPriority [0x830D2B57]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighEventPair [0x830D9993]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x830D98C5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationDebugObject [0x8308356C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationFile [0x83017E2D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationJobObject [0x82FC826E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationKey [0x83071B15]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationObject [0x83004947]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationProcess [0x83032858]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationThread [0x8301723D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationToken [0x82FE3C2E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIntervalProfile [0x830DA0E2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIoCompletion [0x83021517]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLdtEntries [0x830B2C37]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowEventPair [0x830D9930]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x830D985A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetQuotaInformationFile [0x8308CFE2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSecurityObject [0x82FDE008]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x830D33FB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValueEx [0x830D3A23]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemPowerState [0x830F80A1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemTime [0x830CFA65]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetThreadExecutionState [0x82FC60EE]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimer [0x82ECDB4F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimerResolution [0x82FCF4CD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetUuidSeed [0x82F7BA80]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetValueKey [0x82FFC35A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetVolumeInformationFile [0x8308CFFC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x82EDCFA7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStartProfile [0x830D9E40]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStopProfile [0x830DA01B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendProcess [0x830B1457]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendThread [0x82FB892D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateJobObject [0x82FF6DFA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTestAlert [0x83038422]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwThawRegistry [0x82EE189B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwThawTransactions [0x830C27B3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceEvent [0x82E49326]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceControl [0x8300D2DF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTranslateFilePath [0x830D59B7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadDriver [0x8308D84C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey [0x8306A8A9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey2 [0x8306A8C3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKeyEx [0x83071433]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockFile [0x82FDFA83]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockVirtualMemory [0x82E37A66]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnmapViewOfSection [0x8302EAED]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwVdmControl [0x830C5EE3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForDebugEvent [0x83083079]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects [0x83051925]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForSingleObject [0x830507CC]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitHighEventPair [0x830D97F1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitLowEventPair [0x830D9788]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFile [0x8303125A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFileGather [0x8306FE6E]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteRequestData [0x8309D706]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteVirtualMemory [0x8302B8BD]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwYieldExecution [0x82E49982]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyedEvent [0x82FD852D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyedEvent [0x830DA1DB]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseKeyedEvent [0x83018C58]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForKeyedEvent [0x83018976]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPortInformationProcess [0x830B0256]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetCurrentProcessorNumber [0x82FB8FC2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects32 [0x830A6D53]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNextProcess [0x830B166C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNextThread [0x830B18D9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFileEx [0x8306E027]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelSynchronousIoFile [0x8308B92F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletionEx [0x82FF9F36]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterProtocolAddressInformation [0x82F9395C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPropagationComplete [0x830C4F53]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPropagationFailed [0x830C5022]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWorkerFactory [0x82FD8BE6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseWorkerFactoryWorker [0x82ECE16C]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForWorkViaWorkerFactory [0x82ECDE06]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationWorkerFactory [0x82E391B0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationWorkerFactory [0x82F04281]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWorkerFactoryWorkerReady [0x82E51E6A]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwShutdownWorkerFactory [0x82FC51A9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateUserProcess [0x82FE7BA6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryLicenseValue [0x82FE53DF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapCMFModule [0x82FED032]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsUILanguageComitted [0x82FA5A95]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstallUILanguage [0x82FA5925]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetMUIRegistryInfo [0x82FEF742]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAcquireCMFViewOwnership [0x830DA310]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseCMFViewOwnership [0x830DA4D7]

INT 0x00 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E69980
INT 0x01 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E69B00
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E69F54
INT 0x04 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6A0DC
INT 0x05 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6A23C
INT 0x06 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6A3B0
INT 0x07 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6AA20
INT 0x09 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6AE48
INT 0x0A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6AF6C
INT 0x0B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6B0AC
INT 0x0C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6B30C
INT 0x0D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6B5F4
INT 0x0E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6BCF8
INT 0x0F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x10 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C1E4
INT 0x11 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C324
INT 0x12 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x13 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C490
INT 0x14 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x15 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x16 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x17 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x18 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x19 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x1F \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EFCD0
INT 0x2A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E690BA
INT 0x2B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E69240
INT 0x2C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6937C
INT 0x2D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E69E2C
INT 0x2E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68A7E
INT 0x2F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6C0C0
INT 0x30 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68140
INT 0x31 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6814A
INT 0x32 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68154
INT 0x33 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6815E
INT 0x34 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68168
INT 0x35 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68172
INT 0x36 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6817C
INT 0x37 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EF0E8
INT 0x38 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68190
INT 0x39 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6819A
INT 0x3A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681A4
INT 0x3B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681AE
INT 0x3C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681B8
INT 0x3D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681C2
INT 0x3E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681CC
INT 0x3F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681D6
INT 0x40 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681E0
INT 0x41 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681EA
INT 0x42 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681F4
INT 0x43 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E681FE
INT 0x44 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68208
INT 0x45 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68212
INT 0x46 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6821C
INT 0x47 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68226
INT 0x48 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68230
INT 0x49 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6823A
INT 0x4A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68244
INT 0x4B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6824E
INT 0x4C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68258
INT 0x4D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68262
INT 0x4E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6826C
INT 0x4F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68276
INT 0x50 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68280
INT 0x51 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807B0F02
INT 0x51 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807B0F02
INT 0x51 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807B0F02
INT 0x51 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807B0F02
INT 0x51 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0x51 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0x51 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807B0F02
INT 0x52 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68294
INT 0x53 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6829E
INT 0x54 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682A8
INT 0x55 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682B2
INT 0x56 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682BC
INT 0x57 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682C6
INT 0x58 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682D0
INT 0x59 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682DA
INT 0x5A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682E4
INT 0x5B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682EE
INT 0x5C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E682F8
INT 0x5D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68302
INT 0x5E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6830C
INT 0x5F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68316
INT 0x60 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68320
INT 0x61 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0x62 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68334
INT 0x63 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6833E
INT 0x64 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68348
INT 0x65 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68352
INT 0x66 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6835C
INT 0x67 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68366
INT 0x68 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68370
INT 0x69 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6837A
INT 0x6A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68384
INT 0x6B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6838E
INT 0x6C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68398
INT 0x6D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683A2
INT 0x6E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683AC
INT 0x6F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683B6
INT 0x70 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683C0
INT 0x71 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683CA
INT 0x72 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683D4
INT 0x73 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683DE
INT 0x74 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683E8
INT 0x75 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683F2
INT 0x76 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E683FC
INT 0x77 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68406
INT 0x78 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68410
INT 0x79 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6841A
INT 0x7A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68424
INT 0x7B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6842E
INT 0x7C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68438
INT 0x7D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68442
INT 0x7E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6844C
INT 0x7F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68456
INT 0x80 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68460
INT 0x81 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6846A
INT 0x82 \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) 88924390
INT 0x83 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6847E
INT 0x84 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68488
INT 0x85 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68492
INT 0x86 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6849C
INT 0x87 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684A6
INT 0x88 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684B0
INT 0x89 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684BA
INT 0x8A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684C4
INT 0x8B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684CE
INT 0x8C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684D8
INT 0x8D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684E2
INT 0x8E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684EC
INT 0x8F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E684F6
INT 0x90 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68500
INT 0x91 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6850A
INT 0x92 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0x93 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6851E
INT 0x94 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68528
INT 0x95 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68532
INT 0x96 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6853C
INT 0x97 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68546
INT 0x98 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68550
INT 0x99 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6855A
INT 0x9A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68564
INT 0x9B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6856E
INT 0x9C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68578
INT 0x9D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68582
INT 0x9E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6858C
INT 0x9F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68596
INT 0xA0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685A0
INT 0xA1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685AA
INT 0xA2 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0xA3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685BE
INT 0xA4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685C8
INT 0xA5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685D2
INT 0xA6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685DC
INT 0xA7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685E6
INT 0xA8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685F0
INT 0xA9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E685FA
INT 0xAA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68604
INT 0xAB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6860E
INT 0xAC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68618
INT 0xAD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68622
INT 0xAE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6862C
INT 0xAF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68636
INT 0xB0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82ECD97B
INT 0xB1 \SystemRoot\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) 806A3A3E
INT 0xB2 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B4C0A
INT 0xB3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6865E
INT 0xB4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68668
INT 0xB5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68672
INT 0xB6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6867C
INT 0xB7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68686
INT 0xB8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68690
INT 0xB9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6869A
INT 0xBA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686A4
INT 0xBB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686AE
INT 0xBC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686B8
INT 0xBD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686C2
INT 0xBE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686CC
INT 0xBF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686D6
INT 0xC0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686E0
INT 0xC1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EF3D8
INT 0xC2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686F4
INT 0xC3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E686FE
INT 0xC4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68708
INT 0xC5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68712
INT 0xC6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6871C
INT 0xC7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68726
INT 0xC8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68730
INT 0xC9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6873A
INT 0xCA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68744
INT 0xCB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6874E
INT 0xCC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68758
INT 0xCD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68762
INT 0xCE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6876C
INT 0xCF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68776
INT 0xD0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68780
INT 0xD1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831DAD64
INT 0xD2 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831DB01C
INT 0xD3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6879E
INT 0xD4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687A8
INT 0xD5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687B2
INT 0xD6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687BC
INT 0xD7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687C6
INT 0xD8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687D0
INT 0xD9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687DA
INT 0xDA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687E4
INT 0xDB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687EE
INT 0xDC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E687F8
INT 0xDD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68802
INT 0xDE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6880C
INT 0xDF \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EF1C0
INT 0xE0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68820
INT 0xE1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EFB40
INT 0xE2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68834
INT 0xE3 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831EF6D4
INT 0xE4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68848
INT 0xE5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68852
INT 0xE6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6885C
INT 0xE7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68866
INT 0xE8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68870
INT 0xE9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6887A
INT 0xEA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68884
INT 0xEB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6888E
INT 0xEC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68898
INT 0xED \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688A2
INT 0xEE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688A9
INT 0xEF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688B0
INT 0xF0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688B7
INT 0xF1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688BE
INT 0xF2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688C5
INT 0xF3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688CC
INT 0xF4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688D3
INT 0xF5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688DA
INT 0xF6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688E1
INT 0xF7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688E8
INT 0xF8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688EF
INT 0xF9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688F6
INT 0xFA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E688FD
INT 0xFB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68904
INT 0xFC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E6890B
INT 0xFD \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831F0100
INT 0xFE \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831F036C
INT 0xFF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E68920

SYSENTER \SystemRoot\system32\ntkrnlpa.exe 82E68B50

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 82E65268 1 Byte [90]
.text ntkrnlpa.exe!ZwQueryLicenseValue + D05 82E68DB9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 4FA 82EC67AA 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntkrnlpa.exe!KiDispatchInterrupt + 512 82EC67C2 1 Byte [00]
.text ntkrnlpa.exe!KeSetEvent + 119 82ECA89C 4 Bytes [8E, 7F, 23, 8D]
.text ntkrnlpa.exe!KeSetEvent + 13D 82ECA8C0 8 Bytes [5C, 8F, 23, 8D, 74, 81, 23, ...]
.text ntkrnlpa.exe!KeSetEvent + 1C1 82ECA944 4 Bytes [FA, 73, 23, 8D]
.text ntkrnlpa.exe!KeSetEvent + 1D9 82ECA95C 4 Bytes [F4, 7B, 23, 8D]
.text ntkrnlpa.exe!KeSetEvent + 205 82ECA988 4 Bytes [DC, 72, 23, 8D]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Avira\AntiVir Desktop\avguard.exe[304] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[432] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Program Files\Bonjour\mDNSResponder.exe[468] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ws2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\lxdacoms.exe[500] ws2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\wininit.exe[536] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO)
.text C:\Windows\system32\services.exe[580] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890

Edited by Ultilee Stupid, 02 April 2011 - 05:57 AM.

#6 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 05:41 AM

C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\services.exe[580] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsass.exe[596] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\lsm.exe[604] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\wbem\wmiprvse.exe[784] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[792] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[872] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[920] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 0040FD50 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1000] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) UPX1 C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] C:\Users\UltimoLee\Downloads\f7pmgey4.exe entry point in "UPX1" section [0x004B8F10] .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] shell32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] shell32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] shell32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] shell32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\Downloads\f7pmgey4.exe[1060] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] shell32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] shell32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] shell32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1120] shell32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1160] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1172] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1308] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930

Edited by Ultilee Stupid, 02 April 2011 - 06:00 AM.

#7 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 05:44 AM

C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] urlmon.dll!URLDownloadToCacheFileW 763365B3 5 Bytes JMP 10001F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] urlmon.dll!URLDownloadToFileW 7633AE88 5 Bytes JMP 10001ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] urlmon.dll!URLDownloadToFileA 763944A8 5 Bytes JMP 10001EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] urlmon.dll!URLDownloadToCacheFileA 763945C3 5 Bytes JMP 10001EF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] WININET.dll!InternetConnectA 7796DEAE 5 Bytes JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Windows Sidebar\sidebar.exe[1324] WININET.dll!InternetConnectW 7796F862 5 Bytes JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] shell32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] shell32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] shell32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] shell32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] WinInet.dll!InternetConnectA 7796DEAE 5 Bytes JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1356] WinInet.dll!InternetConnectW 7796F862 5 Bytes JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1388] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1572] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avshadow.exe[1576] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\spoolsv.exe[1716] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\sched.exe[1740] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10

Edited by Ultilee Stupid, 02 April 2011 - 06:02 AM.

#8 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:04 AM

C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[1836] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\svchost.exe[1880] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\SearchIndexer.exe[1968] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehmsas.exe[2380] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\igfxsrvc.exe[2568] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2588] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe section is writeable [0x00401000, 0x5DD000, 0xE0000060] .rsrc C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2588] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe section is executable [0x009DE000, 0x28000, 0xE0000020] .text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[2588] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 0050E060 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\ehome\ehtray.exe[2600] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[2668] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2988] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] shell32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] shell32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] shell32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] shell32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Real\Update_OB\realsched.exe[3108] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe[3252] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\svchost.exe[3268] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\igfxpers.exe[3392] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\Dwm.exe[3824] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0

#9 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:05 AM

C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\system32\taskeng.exe[3844] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 00174550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 001781E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 001719F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 00171950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtClose 77B34164 5 Bytes JMP 001782B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 001718D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 00171890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 001719B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 00171910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 00171A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 00171970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 001718F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 00171930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 001719D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 00171990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 001718B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 00177040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 00171A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 00171A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 00171A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 00171D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 00171B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 00171C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 00171BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 00171B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 00171CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 00171CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 00171C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 00171C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 00171AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 00171D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 00171AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 00171D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 00171A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 00171CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 00171D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 00171B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 00171B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 00171C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 00171C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 00171B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 00171BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 00171BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 00171D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 00171AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] USER32.dll!EndTask 7627AD32 5 Bytes JMP 00177E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 00171640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 00171480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 00171250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 00171000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 00177D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 00177BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 00171DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 00171E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 00171DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 00171DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 00178210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\System32\hkcmd.exe[3872] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 00178280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] urlmon.dll!URLDownloadToCacheFileW 763365B3 5 Bytes JMP 10001F10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] urlmon.dll!URLDownloadToFileW 7633AE88 5 Bytes JMP 10001ED0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] urlmon.dll!URLDownloadToFileA 763944A8 5 Bytes JMP 10001EB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] urlmon.dll!URLDownloadToCacheFileA 763945C3 5 Bytes JMP 10001EF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] WININET.dll!InternetConnectA 7796DEAE 5 Bytes JMP 10001E30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] WININET.dll!InternetConnectW 7796F862 5 Bytes JMP 10001E50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Windows\Explorer.EXE[3916] WINSTA.dll!WinStationTerminateProcess 75F73991 5 Bytes JMP 10007FE0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ? C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] IMAGE_DOS_SIGNATURE not found; .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!LdrLoadDll 77AF93A8 5 Bytes JMP 10004550 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!LdrUnloadDll 77B0B740 7 Bytes JMP 100081E0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!LdrGetProcedureAddress 77B157A0 5 Bytes JMP 100019F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtAllocateVirtualMemory 77B33F84 5 Bytes JMP 10001950 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtClose 77B34164 5 Bytes JMP 100082B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtCreateFile 77B34224 5 Bytes JMP 100018D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtCreateProcess 77B342E4 5 Bytes JMP 10001890 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtCreateProcessEx 77B342F4 5 Bytes JMP 100019B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtDeleteFile 77B34604 5 Bytes JMP 10001910 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtFreeVirtualMemory 77B34794 5 Bytes JMP 10001A30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtLoadDriver 77B348B4 5 Bytes JMP 10001970 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtOpenFile 77B34A04 5 Bytes JMP 100018F0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtProtectVirtualMemory 77B34B84 5 Bytes JMP 10001930 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtSetInformationProcess 77B35174 5 Bytes JMP 100019D0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtUnloadDriver 77B353C4 5 Bytes JMP 10001990 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtWriteVirtualMemory 77B354C4 5 Bytes JMP 100018B0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!NtCreateUserProcess 77B35654 5 Bytes JMP 10007040 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ntdll.dll!RtlAllocateHeap 77B363B0 5 Bytes JMP 10001A10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CreateProcessW 764F1BF3 5 Bytes JMP 10001A70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CreateProcessA 764F1C28 5 Bytes JMP 10001A50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!VirtualProtect 764F1DC3 5 Bytes JMP 10001D90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!OpenFile 764F355A 5 Bytes JMP 10001B10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileW 764FA2F2 5 Bytes JMP 10001C10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CopyFileExW 76500211 7 Bytes JMP 10001BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CopyFileW 76500299 5 Bytes JMP 10001B90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!DeleteFileW 7650F4B6 5 Bytes JMP 10001CD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!DeleteFileA 7650F5D2 5 Bytes JMP 10001CB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileWithProgressW 765110A4 5 Bytes JMP 10001C90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileExW 765110C8 5 Bytes JMP 10001C50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!LoadLibraryExW 76519109 7 Bytes JMP 10001AF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!LoadLibraryW 76519362 5 Bytes JMP 10001D50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!LoadLibraryExA 765194B4 5 Bytes JMP 10001AD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!LoadLibraryA 765194DC 5 Bytes JMP 10001D30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!GetProcAddress 7653903B 5 Bytes JMP 10001A90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!GetModuleHandleA 765392A5 5 Bytes JMP 10001CF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!GetModuleHandleW 7653A804 5 Bytes JMP 10001D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CreateFileW 7653AECB 5 Bytes JMP 10001B50 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CreateFileA 7653CE5F 5 Bytes JMP 10001B30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileExA 76540F0A 5 Bytes JMP 10001C30 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileWithProgressA 76540F2A 5 Bytes JMP 10001C70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CopyFileA 76542433 5 Bytes JMP 10001B70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!MoveFileA 7657F641 5 Bytes JMP 10001BF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!CopyFileExA 765819F9 5 Bytes JMP 10001BB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!WinExec 76585CF7 5 Bytes JMP 10001D70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] kernel32.dll!LoadModule 76585E4F 5 Bytes JMP 10001AB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ADVAPI32.dll!OpenServiceA 77852EBD 7 Bytes JMP 10001640 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ADVAPI32.dll!OpenServiceW 77858354 7 Bytes JMP 10001480 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ADVAPI32.dll!CreateServiceW 77879EB4 7 Bytes JMP 10001250 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ADVAPI32.dll!CreateServiceA 778B72A1 7 Bytes JMP 10001000 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ole32.dll!CoGetClassObject 76B2FAE8 5 Bytes JMP 10007D10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] ole32.dll!CoCreateInstanceEx 76B49F81 5 Bytes JMP 10007BD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] USER32.dll!EndTask 7627AD32 5 Bytes JMP 10007E80 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] WS2_32.dll!WSASocketW 764434EB 7 Bytes JMP 10001E90 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] WS2_32.dll!WSASocketA 76448FA9 5 Bytes JMP 10001E70 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] SHELL32.dll!ShellExecuteW 76C59725 5 Bytes JMP 10001DD0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] SHELL32.dll!ShellExecuteExW 76CAC155 5 Bytes JMP 10001E10 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] SHELL32.dll!ShellExecuteEx 76E5A292 5 Bytes JMP 10001DF0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] SHELL32.dll!ShellExecuteA 76E5A32D 5 Bytes JMP 10001DB0 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] fltlib.dll!FilterConnectCommunicationPort 75FE12D6 5 Bytes JMP 10008210 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) .text C:\Users\UltimoLee\AppData\Local\pgv.exe[3960] fltlib.dll!FilterSendMessage 75FE2385 5 Bytes JMP 10008280 C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation) Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \ Device \Driver\KSecDD \Device\KsecDD ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\NDIS \Device\Ndis ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Device\00000019 Device \Device\00000025 Device \Driver\PnpManager \Device\00000032 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000032 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation) Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\srvnet \Device\SrvNet srvnet.sys (Server Network driver/Microsoft Corporation) Device \Device\00000026 Device \Driver\PnpManager \Device\00000033 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000033 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\NetBIOS \Device\Netbios netbios.sys (NetBIOS interface driver/Microsoft Corporation) Device \FileSystem\NetBIOS \Device\Netbios ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\RasSstp \Device\NDMP10 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\RasSstp \Device\NDMP10 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\RasSstp \Device\NDMP10 rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\cmdHlp \Device\CFPTcpFlt cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) Device \Driver\PnpManager \Device\00000034 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000034 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\ACPI \Device\00000040 acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Device\00000027 Device \Driver\kbdclass \Device\KeyboardClass0 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) Device \Driver\kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000035 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000035 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\Video0 Device \Driver\avgio \Device\avgio avgio.sys Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\ACPI \Device\00000041 acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Driver\Wdf01000 \Device\KMDF0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) Device \Driver\Wdf01000 \Device\KMDF0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\00000028 Device \Device\KeyboardClass1 Device \Driver\NDProxy \Device\NDProxy NDProxy.SYS (NDIS Proxy/Microsoft Corporation) Device \Driver\NDProxy \Device\NDProxy ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\Tun0 Device \Driver\RDPCDD \Device\Video1 VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) Device \Driver\RDPCDD \Device\Video1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000036 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000036 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl volmgr.sys (Volume Manager Driver/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\ACPI \Device\00000042 acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Device\00000029 Device \FileSystem\srvnet \Device\SrvAdmin srvnet.sys (Server Network driver/Microsoft Corporation) Device \Driver\RDPENCDD \Device\Video2 VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) Device \Driver\RDPENCDD \Device\Video2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\mouclass \Device\PointerClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation) Device \Driver\mouclass \Device\PointerClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\00000050 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000050 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Device\00000043 Device \Device\00000037 Device \Device\0000000a Device \Driver\igfx \Device\Video3 dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) Device \Driver\igfx \Device\Video3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\igfx \Device\Video3 dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) Device \Driver\PnpManager \Device\00000038 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000038 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\PointerClass1 Device \Driver\usbuhci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\00000051 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000051 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Device\00000044 Device \Device\0000000b Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\spldr \Device\SpDevice spldr.sys (loader for security processor/Microsoft Corporation) Device \Driver\spldr \Device\SpDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\00000052 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000052 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\PnpManager \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\00000045 Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\0000000c Device \FileSystem\ISODrive \Device\IsoCdRom0 ISODrive.sys Device \FileSystem\ISODrive \Device\IsoCdRom0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PEAUTH \Device\PEAuth Wdf01000.sys (WDF Dynamic/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\00000053 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000053 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy7 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Device\00000046 Device \Device\NTPNP_PCI0000 Device \Device\0000001a Device \Device\0000000d Device \Device\MPS Device \Driver\usbehci \Device\USBPDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbehci \Device\USBPDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\cmdHlp \Device\CFPRawFlt cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) Device \Driver\cmdHlp \Device\CFPUdpFlt cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) Device \Driver\usbhub \Device\00000054 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000054 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy8 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Device\00000047 Device \Device\NTPNP_PCI0001 Device \Device\0000001b Device \Device\0000000e Device \Driver\RasAcd \Device\RasAcd rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) Device \Driver\RasAcd \Device\RasAcd ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\netbt \Device\NetBT_Tcpip_{409452A3-5B92-4468-B2C6-D644AE9F4822} netbt.sys (MBT Transport driver/Microsoft Corporation) Device \Driver\netbt \Device\NetBT_Tcpip_{409452A3-5B92-4468-B2C6-D644AE9F4822} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\netbt \Device\NetBT_Tcpip_{409452A3-5B92-4468-B2C6-D644AE9F4822} netbt.sys (MBT Transport driver/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0002 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0002 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PSched \Device\Psched ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\usbhub \Device\00000055 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000055 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\GEARAspiWDM \Device\GEARAspiWDMDevice GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy9 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Device\00000048 Device \Device\0000001c Device \Device\0000000f Device \Driver\tdx \Device\Tcp tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\Tcp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\DfsC \Device\DfsClient dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) Device \FileSystem\DfsC \Device\DfsClient ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-5 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\00000056 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\00000056 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0010 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0010 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0010 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0003 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0003 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\ACPI \Device\00000049 acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Device\0000001d Device \Driver\usbuhci \Device\USBPDO-6 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBPDO-6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0011 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0011 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0011 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0004 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0004 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\Tcpip \Device\eQoS tcpip.sys (TCP/IP Driver/Microsoft Corporation) Device \Driver\Tcpip \Device\eQoS ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\0000002a Device \Device\0000001e Device \Driver\volmgr \Device\HarddiskVolume1 volmgr.sys (Volume Manager Driver/Microsoft Corporation) Device \Driver\volmgr \Device\HarddiskVolume1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Device\00000058 Device \Device\Http\ReqQueue Device \Device\Http\Communication Device \Driver\usbehci \Device\USBPDO-7 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbehci \Device\USBPDO-7 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0012 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0012 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0012 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0005 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0005 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0005 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\tunnel \Device\NDMP1 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\tunnel \Device\NDMP1 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Device\i Device \Driver\cdrom \Device\CdRom0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) Device \Driver\cdrom \Device\CdRom0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Ecache \Device\ECacheControl ecache.sys (Special Memory Device Cache/Microsoft Corporation) Device \FileSystem\rdbss \Device\FsWrap rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) Device \FileSystem\rdbss \Device\FsWrap ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0006 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0006 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0006 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\tunmp \Device\NDMP2 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\tunmp \Device\NDMP2 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\TermDD \Device\Termdd termdd.sys (Terminal Server Driver/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort0 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort1 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort2 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort3 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdePort3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde1Channel0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde1Channel0 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde1Channel1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde1Channel1 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde0Channel0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde0Channel0 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde0Channel1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pciide \Device\Ide\PciIde0Channel1 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) Device \Device\Ide\PciIde0 Device \Device\Ide\PciIde1 Device \Driver\e1express \Device\NDMP3 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\e1express \Device\NDMP3 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \FileSystem\ISODrive \Device\IsoCdRom ISODrive.sys Device \FileSystem\ISODrive \Device\IsoCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\tdx \Device\RawIp6 tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\RawIp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0007 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0007 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0014 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0014 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0014 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000003a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000003a hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) Device \Driver\ACPI \Device\0000003b acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0008 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0008 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0008 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP5 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP5 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\ACPI \Device\0000003c acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\0000002f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0009 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0009 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\pci \Device\NTPNP_PCI0009 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) Device \Driver\PxHelp20 \Device\PxHelperDevice0 PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) Device \Driver\tdx \Device\Tcp6 tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\Tcp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\secdrv \Device\Secdrv secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) Device \Driver\secdrv \Device\Secdrv ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP6 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP6 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy10 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\ACPI \Device\0000003d acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP7 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\NdisWan \Device\NDMP7 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\netbt \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation) Device \Driver\netbt \Device\NetBt_Wins_Export ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\netbt \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation) Device \Driver\e1express \Device\INTELPRO_{409452A3-5B92-4468-B2C6-D644AE9F4822} ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\e1express \Device\INTELPRO_{409452A3-5B92-4468-B2C6-D644AE9F4822} ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy11 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\RasPppoe \Device\NDMP8 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\RasPppoe \Device\NDMP8 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\Tcpip \Device\WFP tcpip.sys (TCP/IP Driver/Microsoft Corporation) Device \Driver\Tcpip \Device\WFP ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\pcouffin \Device\Patin couffin device0 pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) Device \Driver\pcouffin \Device\Patin couffin device0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy12 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\Smb \Device\NetbiosSmb smb.sys (SMB Transport driver/Microsoft Corporation) Device \Driver\Smb \Device\NetbiosSmb ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PptpMiniport \Device\NDMP9 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\PptpMiniport \Device\NDMP9 ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy13 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\ACPI \Device\0000004c acpi.sys (ACPI Driver for NT/Microsoft Corporation) Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy14 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) Device \Driver\MountMgr \Device\MountPointManager mountmgr.sys (Mount Point Manager/Microsoft Corporation) Device \Driver\MountMgr \Device\MountPointManager ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\tdx \Device\Tdx tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\Tdx ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\ssmdrv \Device\ssmctl ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) Device \Driver\ssmdrv \Device\ssmctl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\nsiproxy \Device\Nsi nsiproxy.sys (NSI Proxy/Microsoft Corporation) Device \Driver\Wanarpv6 \Device\WANARP wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) Device \FileSystem\srv \Device\LanmanServer srv.sys (Server driver/Microsoft Corporation) Device \FileSystem\srv2 \Device\Srv2 srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) Device \FileSystem\Mup \Device\Mup mup.sys (Multiple UNC Provider driver/Microsoft Corporation) Device \Driver\igfx \Device\0000005c dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) Device \Driver\igfx \Device\0000005c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\igfx \Device\0000005c dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) Device \Driver\iScsiPrt \Device\RaidPort0 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) Device \Driver\iScsiPrt \Device\RaidPort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbhub \Device\0000004f usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) Device \Driver\usbhub \Device\0000004f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\partmgr \Device\PartmgrControl partmgr.sys (Partition Management Driver/Microsoft Corporation) Device \Driver\tdx \Device\Udp tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\Udp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\inspect \Device\Inspect ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\umbus \Device\0000005d Wdf01000.sys (WDF Dynamic/Microsoft Corporation) Device \Driver\disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) Device \Driver\disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\tdx \Device\RawIp tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\RawIp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Wanarpv6 \Device\WANARPV6 wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation) Device \Driver\Null \Device\Null ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Tcpip \Device\NXTIPSEC tcpip.sys (TCP/IP Driver/Microsoft Corporation) Device \Driver\Tcpip \Device\NXTIPSEC ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\tdx \Device\Udp6 tdx.sys (TDI Translation Driver/Microsoft Corporation) Device \Driver\tdx \Device\Udp6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\NdisTapi \Device\NdisTapi ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) Device \Driver\NdisTapi \Device\NdisTapi ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\NdisWan \Device\NdisWan ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\NdisWan \Device\NdisWan ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\secdrv \Device\AscKmd secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) Device \Driver\secdrv \Device\AscKmd ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\bowser \Device\LanmanDatagramReceiver bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) Device \Driver\cmdHlp \Device\CFPIpFlt cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) Device \Driver\usbuhci \Device\USBFDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\DXGKrnl \Device\DxgKrnl dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) Device \Driver\DXGKrnl \Device\DxgKrnl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbehci \Device\USBFDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbehci \Device\USBFDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation) Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\kxldipow \Device\kxldipow kxldipow.sys Device \Driver\kxldipow \Device\kxldipow ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation) Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-5 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\AFD \Device\Afd afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) Device \FileSystem\FileInfo \Device\FileInfo fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) Device \FileSystem\FileInfo \Device\FileInfo ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\RasSstp \Device\SstpDrv ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\RasSstp \Device\SstpDrv ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) Device \Driver\RasSstp \Device\SstpDrv rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-6 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbuhci \Device\USBFDO-6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\Tcpip \Device\WfpAle tcpip.sys (TCP/IP Driver/Microsoft Corporation) Device \Driver\Tcpip \Device\WfpAle ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000030 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000030 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\usbehci \Device\USBFDO-7 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) Device \Driver\usbehci \Device\USBFDO-7 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\avipbb \Device\avipbb avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) Device \Driver\avipbb \Device\avipbb ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000031 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \Driver\PnpManager \Device\00000031 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\avgntflt \FileSystem\Filters\avgntflt avgntflt.sys (Avira Minifilter Driver/Avira GmbH) Device \FileSystem\Filters\FltMgrMsg Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ---- Modules - GMER 1.0.15 ---- Module \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 82E1E000-831D8000 (3907584 bytes) Module \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 831D8000-8320B000 (208896 bytes) Module \SystemRoot\system32\kdcom.dll (Kernel Debugger HW Extension DLL/Microsoft Corporation) 8040A000-80411000 (28672 bytes) Module \SystemRoot\system32\mcupdate_GenuineIntel.dll (Intel Microcode Update Library/Microsoft Corporation) 80411000-80481000 (458752 bytes) Module \SystemRoot\system32\PSHED.dll (Platform Specific Hardware Error Driver/Microsoft Corporation) 80481000-80492000 (69632 bytes) Module \SystemRoot\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) 80492000-8049A000 (32768 bytes) Module \SystemRoot\system32\CLFS.SYS (Common Log File System Driver/Microsoft Corporation) 8049A000-804DB000 (266240 bytes) Module \SystemRoot\system32\CI.dll (Code Integrity Module/Microsoft Corporation) 804DB000-805BB000 (917504 bytes) Module \SystemRoot\system32\drivers\Wdf01000.sys (WDF Dynamic/Microsoft Corporation) 8060D000-80689000 (507904 bytes) Module \SystemRoot\system32\drivers\WDFLDR.SYS (WDFLDR/Microsoft Corporation) 80689000-80696000 (53248 bytes) Module \SystemRoot\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) 80696000-806DC000 (286720 bytes) Module \SystemRoot\system32\drivers\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) 806DC000-806E5000 (36864 bytes) Module \SystemRoot\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) 806E5000-806ED000 (32768 bytes) Module \SystemRoot\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) 806ED000-80714000 (159744 bytes) Module \SystemRoot\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) 80714000-80723000 (61440 bytes) Module \SystemRoot\system32\drivers\volmgr.sys (Volume Manager Driver/Microsoft Corporation) 80723000-80732000 (61440 bytes) Module \SystemRoot\System32\drivers\volmgrx.sys (Volume Manager Extension Driver/Microsoft Corporation) 80732000-8077C000 (303104 bytes) Module \SystemRoot\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) 8077C000-80783000 (28672 bytes) Module \SystemRoot\system32\drivers\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) 80783000-80791000 (57344 bytes) Module \SystemRoot\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) 80791000-807A1000 (65536 bytes) Module \SystemRoot\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) 807A1000-807A9000 (32768 bytes) Module \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807A9000-807C7000 (122880 bytes) Module \SystemRoot\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) 807C7000-807F9000 (204800 bytes) Module \SystemRoot\system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) 805BB000-805CB000 (65536 bytes) Module \SystemRoot\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) 80600000-8060A000 (40960 bytes) Module \SystemRoot\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) 88600000-88671000 (462848 bytes) Module \SystemRoot\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) 88671000-8877C000 (1093632 bytes) Module \SystemRoot\system32\drivers\msrpc.sys (Kernel Remote Procedure Call Provider/Microsoft Corporation) 8877C000-887A7000 (176128 bytes) Module \SystemRoot\system32\drivers\NETIO.SYS (Network I/O Subsystem/Microsoft Corporation) 887A7000-887E2000 (241664 bytes) Module \SystemRoot\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) 8880E000-888F8000 (958464 bytes) Module \SystemRoot\System32\drivers\fwpkclnt.sys (FWP/IPsec Kernel-Mode API/Microsoft Corporation) 888F8000-88913000 (110592 bytes) Module \SystemRoot\System32\Drivers\Ntfs.sys (NT File System Driver/Microsoft Corporation) 88A01000-88B11000 (1114112 bytes) Module \SystemRoot\system32\drivers\volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) 88B11000-88B4A000 (233472 bytes) Module \SystemRoot\System32\Drivers\spldr.sys (loader for security processor/Microsoft Corporation) 88B4A000-88B52000 (32768 bytes) Module \SystemRoot\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) 88B52000-88B61000 (61440 bytes) Module \SystemRoot\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) 88B61000-88B88000 (159744 bytes) Module \SystemRoot\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) 88B88000-88B99000 (69632 bytes) Module \SystemRoot\system32\drivers\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) 88B99000-88BBA000 (135168 bytes) Module \SystemRoot\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) 88BBA000-88BC3000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) 88BE3000-88BEE000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) 88BEE000-88BF7000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) 88913000-88922000 (61440 bytes) Module \SystemRoot\system32\DRIVERS\igdkmd32.sys (Intel Graphics Kernel Mode Driver/Intel Corporation) 8CA07000-8D0C2000 (7057408 bytes) Module \SystemRoot\System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) 8D0C2000-8D162000 (655360 bytes) Module \SystemRoot\System32\drivers\watchdog.sys (Watchdog Driver/Microsoft Corporation) 8D162000-8D16E000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\e1e6032.sys (Intel® PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) 8D16E000-8D1A8000 (237568 bytes) Module \SystemRoot\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) 8D1A8000-8D1B3000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 8D1B3000-8D1F1000 (253952 bytes) Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) 8D1F1000-8D200000 (61440 bytes) Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) 88922000-889AF000 (577536 bytes) Module \SystemRoot\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) 889AF000-889BA000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) 889BA000-889D2000 (98304 bytes) Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) 889D2000-889DC000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) 805CB000-805FA000 (192512 bytes) Module \SystemRoot\system32\DRIVERS\storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) 8C605000-8C646000 (266240 bytes) Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) 8C646000-8C651000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) 8C651000-8C668000 (94208 bytes) Module \SystemRoot\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) 8C668000-8C673000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) 8C673000-8C696000 (143360 bytes) Module \SystemRoot\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) 8C696000-8C6A5000 (61440 bytes) Module \SystemRoot\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) 8C6A5000-8C6B9000 (81920 bytes) Module \SystemRoot\system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) 8C6B9000-8C6CE000 (86016 bytes) Module \SystemRoot\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) 8C6CE000-8C6DA000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) 8C6DA000-8C6EA000 (65536 bytes) Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) 8C6EA000-8C6F5000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) 8C6F5000-8C700000 (45056 bytes) Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) 8C700000-8C702000 (8192 bytes) Module \SystemRoot\system32\DRIVERS\ks.sys (Kernel CSA Library/Microsoft Corporation) 8C702000-8C72C000 (172032 bytes) Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 8C72C000-8C736000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) 8C736000-8C743000 (53248 bytes) Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) 8C743000-8C778000 (217088 bytes) Module \SystemRoot\System32\Drivers\NDProxy.SYS (NDIS Proxy/Microsoft Corporation) 8C778000-8C789000 (69632 bytes) Module \SystemRoot\system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) 8C789000-8C7C8000 (258048 bytes) Module \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation) 8C7C8000-8C7F5000 (184320 bytes) Module \SystemRoot\system32\drivers\drmk.sys (Microsoft Kernel DRM Descrambler Filter/Microsoft Corporation) 8D20D000-8D232000 (151552 bytes) Module \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) 8D232000-8D255000 (143360 bytes) Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) 8D255000-8D25E000 (36864 bytes) Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) 8D25E000-8D265000 (28672 bytes) Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) 8D265000-8D26C000 (28672 bytes) Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS (Hid Parsing Library/Microsoft Corporation) 8D275000-8D27C000 (28672 bytes) Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) 8D27C000-8D288000 (49152 bytes) Module \SystemRoot\System32\drivers\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) 8D288000-8D2A9000 (135168 bytes) Module \SystemRoot\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) 8D2A9000-8D2B1000 (32768 bytes) Module \SystemRoot\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) 8D2B1000-8D2B9000 (32768 bytes) Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) 8D2B9000-8D2C4000 (45056 bytes) Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) 8D2C4000-8D2D2000 (57344 bytes) Module \SystemRoot\System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) 8D2D2000-8D2DB000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) 8D2DB000-8D2F1000 (90112 bytes) Module \SystemRoot\System32\DRIVERS\cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) 8D2F1000-8D2FB000 (40960 bytes) Module \SystemRoot\System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) 8D2FB000-8D32D000 (204800 bytes) Module \SystemRoot\system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) 8D32D000-8D341000 (81920 bytes) Module \SystemRoot\system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) 8D341000-8D389000 (294912 bytes) Module \SystemRoot\system32\DRIVERS\pacer.sys (QoS Packet Scheduler/Microsoft Corporation) 8D389000-8D39F000 (90112 bytes) Module \SystemRoot\system32\DRIVERS\inspect.sys (COMODO Internet Security Firewall Driver/COMODO) 8D39F000-8D3B4000 (86016 bytes) Module \SystemRoot\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) 8D3B4000-8D3C2000 (57344 bytes) Module \SystemRoot\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) 8D3C2000-8D3D5000 (77824 bytes) Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) 8D3D5000-8D3DB000 (24576 bytes) Module \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) 8DE0C000-8DE48000 (245760 bytes) Module \SystemRoot\system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) 8DE48000-8DE52000 (40960 bytes) Module \??\C:\Program_Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver/EZB Systems, Inc.) 8DE52000-8DE69000 (94208 bytes) Module \SystemRoot\System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) 8DE69000-8DE80000 (94208 bytes) Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) 8DE80000-8DEA6000 (155648 bytes) Module \??\C:\Program_Files\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) 8DEA6000-8DEA8000 (8192 bytes) Module \SystemRoot\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) 8DEA8000-8DEB1000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\HIDCLASS.SYS (Hid Class Library/Microsoft Corporation) 8DEB1000-8DEC1000 (65536 bytes) Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) 8DEC1000-8DEC3000 (8192 bytes) Module \SystemRoot\system32\DRIVERS\kbdhid.sys (HID Keyboard Filter Driver/Microsoft Corporation) 8DEC3000-8DECC000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) 8DECC000-8DED4000 (32768 bytes) Module \SystemRoot\System32\Drivers\crashdmp.sys (Crash Dump Driver/Microsoft Corporation) 8DED4000-8DEE1000 (53248 bytes) Module \SystemRoot\System32\Drivers\dump_dumpata.sys 8DEE1000-8DEEC000 (45056 bytes) Module \SystemRoot\System32\Drivers\dump_atapi.sys 8DEEC000-8DEF4000 (32768 bytes) Module \SystemRoot\System32\win32k.sys (Multi-User Win32 Driver/Microsoft Corporation) 95A20000-95C23000 (2109440 bytes) Module \SystemRoot\System32\drivers\Dxapi.sys (DirectX API Driver/Microsoft Corporation) 8DEF4000-8DEFE000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) 8DEFE000-8DF0D000 (61440 bytes) Module \SystemRoot\System32\TSDDD.dll (Framebuffer Display Driver/Microsoft Corporation) 95C40000-95C49000 (36864 bytes) Module \SystemRoot\System32\cdd.dll (Canonical Display Driver/Microsoft Corporation) 95C60000-95C6E000 (57344 bytes) Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) 95C70000-95CBD000 (315392 bytes) Module \SystemRoot\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) 8DF0D000-8DF28000 (110592 bytes) Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) 8DF28000-8DF3D000 (86016 bytes) Module \SystemRoot\system32\drivers\spsys.sys (security processor/Microsoft Corporation) 8DF3D000-8DFED000 (720896 bytes) Module \SystemRoot\system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) 8DFED000-8DFFD000 (65536 bytes) Module \SystemRoot\system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) 8D3DB000-8D3EE000 (77824 bytes) Module \SystemRoot\system32\drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) A8007000-A8074000 (446464 bytes) Module \SystemRoot\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) A8074000-A8091000 (118784 bytes) Module \SystemRoot\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) A8091000-A80AA000 (102400 bytes) Module \SystemRoot\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) A80AA000-A80BF000 (86016 bytes) Module \SystemRoot\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) A80BF000-A80E0000 (135168 bytes) Module \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) A80E0000-A80FF000 (126976 bytes) Module \SystemRoot\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) A80FF000-A8138000 (233472 bytes) Module \SystemRoot\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) A8138000-A8150000 (98304 bytes) Module \SystemRoot\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) A8150000-A8178000 (163840 bytes) Module \SystemRoot\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) A8178000-A81C6000 (319488 bytes) Module \SystemRoot\system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) ABC03000-ABCE1000 (909312 bytes) Module \SystemRoot\System32\Drivers\secdrv.SYS (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) ABCE1000-ABCEB000 (40960 bytes) Module \SystemRoot\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) ABCEB000-ABCF7000 (49152 bytes) Module \SystemRoot\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) ABCF7000-ABD0D000 (90112 bytes) Module \??\C:\Users\VJones\AppData\Local\Temp\kxldipow.sys (GMER) ABD0D000-ABD26000 (102400 bytes) Module \Windows\System32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 77AD0000-77BF8000 (1212416 bytes) ---- Processes - GMER 1.0.15 ---- Process System Idle 0 Process System 4 Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 304 Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00E00000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCR90.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x73230000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCP90.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x732E0000 Library C:\Program Files\Avira\AntiVir Desktop\libdb44.dll (Berkeley DB 4.4 DLL/Sleepycat Software) 0x13000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\WTSAPI32.DLL (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x00F50000 Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AntiVir Guard Messages (Deutsch)/Avira GmbH) 0x00DE0000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x731E0000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x010F0000 Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00FA0000 Library C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll (Antivirus email sender library/Avira GmbH) 0x72B70000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\NETAPI32.DLL (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x012A0000 Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01450000 Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01320000 Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x027C0000 Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01490000 Library C:\Program Files\Avira\AntiVir Desktop\aesbx.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01710000 Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01800000 Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x018E0000 Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x02540000 Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02400000 Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x03100000 Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02900000 Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02940000 Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x02AC0000 Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01340000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x014C0000 Process C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 420 Library C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 0x478B0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Process C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 432 Library C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) 0x00060000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x73590000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Process C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) 468 Library C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 492 Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x49F40000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x760C0000 Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x760A0000 Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x76040000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Process C:\Windows\system32\lxdacoms.exe (Printer Communication System/ ) 500 Library C:\Windows\system32\lxdacoms.exe (Printer Communication System/ ) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\ws2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Process C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 536 Library C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 0x00670000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 544 Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x49F40000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x760C0000 Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x760A0000 Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x76040000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Process C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 580 Library C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 0x00630000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\SCESRV.dll (Windows Security Configuration Editor Engine/Microsoft Corporation) 0x75BB0000 Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x75930000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Process C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 596 Library C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 0x000B0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\LSASRV.dll (LSA Server DLL/Microsoft Corporation) 0x75DB0000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\SAMSRV.dll (SAM Server DLL/Microsoft Corporation) 0x75D30000 Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75D10000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\FeClient.dll (Windows NT File Encryption Client Interfaces/Microsoft Corporation) 0x75B90000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75FA0000 Library C:\Windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\cngaudit.dll (Windows Cryptographic Next Generation audit library/Microsoft Corporation) 0x75920000 Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\msprivs.dll (Microsoft Privilege Translations/Microsoft Corporation) 0x75880000 Library C:\Windows\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x757F0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x757B0000 Library C:\Windows\system32\netlogon.dll (Net Logon Services DLL/Microsoft Corporation) 0x75670000 Library C:\Windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x75590000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\wdigest.dll (Microsoft Digest Access/Microsoft Corporation) 0x75560000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\tspkg.dll (Web Service Security Package/Microsoft Corporation) 0x75500000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\scecli.dll (Windows Security Configuration Editor Client Engine/Microsoft Corporation) 0x754B0000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\dssenh.dll (Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider/Microsoft Corporation) 0x6BDA0000

#10 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:08 AM

Process C:\Windows\system32\lsm.exe (Local Session Manager Service/Microsoft Corporation) 604 Library C:\Windows\system32\lsm.exe (Local Session Manager Service/Microsoft Corporation) 0x007E0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75FA0000 Library C:\Windows\system32\WMsgAPI.dll (WinLogon IPC Client/Microsoft Corporation) 0x75F90000 Library C:\Windows\system32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Process C:\Windows\system32\winlogon.exe (Windows Logon Application/Microsoft Corporation) 640 Library C:\Windows\system32\winlogon.exe (Windows Logon Application/Microsoft Corporation) 0x008D0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\SHSVCS.dll (Windows Shell Services Dll/Microsoft Corporation) 0x74130000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x735F0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Process C:\Windows\system32\wbem\wmiprvse.exe (WMI Provider Host/Microsoft Corporation) 784 Library C:\Windows\system32\wbem\wmiprvse.exe (WMI Provider Host/Microsoft Corporation) 0x00E40000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x72490000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\wbem\FastProx.dll (WMI Custom Marshaller/Microsoft Corporation) 0x71C90000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x75930000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x72120000 Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x71C70000 Library C:\Windows\system32\wbem\wmiprov.dll (WMI/Microsoft Corporation) 0x6C9E0000 Library C:\Windows\system32\WMI.dll (WMI DC and DP functionality/Microsoft Corporation) 0x6B9C0000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 792 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\umpnpmgr.dll (User-mode Plug-and-Play Service/Microsoft Corporation) 0x75400000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x75460000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x75370000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 872 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x75370000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Process C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) 920 Library C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\FLTLIB.DLL (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Program Files\COMODO\COMODO Internet Security\framework.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x75170000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x76470000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x75090000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x00240000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\rasapi32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library C:\Windows\system32\wls0wndh.dll (Session0 Viewer Window Hook DLL/Microsoft Corporation) 0x74610000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\common.cav (COMODO Internet Security/COMODO) 0x33310000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\first.cav (COMODO Internet Security/COMODO) 0x33330000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\pe32.cav (COMODO Internet Security/COMODO) 0x33320000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\dosmz.cav (COMODO Internet Security/COMODO) 0x33340000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\white.cav (COMODO Internet Security/COMODO) 0x01B20000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\heur.cav (COMODO Internet Security/COMODO) 0x01B30000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\pkann.dll (COMODO Internet Security/COMODO) 0x01C30000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\pe.cav (COMODO Internet Security/COMODO) 0x01DA0000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\mach32.dll 0x03700000 Library C:\Windows\system32\crtdll.dll (Microsoft C Runtime Library/Microsoft Corporation) 0x6D570000 Library C:\Windows\system32\wsock32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x73590000 Library C:\Windows\system32\olepro32.dll (Microsoft Corporation) 0x73570000 Library C:\Windows\system32\oledlg.dll (OLE User Interface Support/Microsoft Corporation) 0x73550000 Library C:\Windows\system32\odbc32.dll (ODBC Driver Manager/Microsoft Corporation) 0x734A0000 Library C:\Windows\system32\odbcint.dll (ODBC Resources/Microsoft Corporation) 0x73420000 Library C:\Windows\system32\ws2help.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x73490000 Library C:\Windows\system32\msvcirt.dll (Windows NT IOStreams DLL/Microsoft Corporation) 0x73470000 Library C:\Windows\system32\msimg32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\msvbvm60.dll (Visual Basic Virtual Machine/Microsoft Corporation) 0x726A0000 Library C:\Windows\system32\mscoree.dll (Microsoft .NET Runtime Execution Engine/Microsoft Corporation) 0x733D0000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\unsfx.cav (COMODO Internet Security/COMODO) 0x13280000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\unpack.cav (COMODO Internet Security/COMODO) 0x132E0000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\unarch.cav (COMODO Internet Security/COMODO) 0x13370000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\gunpack.cav (COMODO Internet Security/COMODO) 0x133F0000 Library C:\Program Files\COMODO\COMODO Internet Security\SCANNERS\mem.cav (COMODO Internet Security/COMODO) 0x13440000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\wscisvif.dll (Windows Security Center ISV API/Microsoft Corporation) 0x70570000 Library C:\Windows\system32\WSCAPI.dll (Windows Security Center API/Microsoft Corporation) 0x74510000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16450000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1000 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\cryptsvc.dll (Cryptographic Services/Microsoft Corporation) 0x74900000 Library c:\windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x747F0000 Library c:\windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library c:\windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x745F0000 Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library c:\windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library c:\windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library c:\windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\es.dll (COM+/Microsoft Corporation) 0x74070000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library c:\windows\system32\dnsrslvr.dll (DNS Caching Resolver Service/Microsoft Corporation) 0x73530000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\ESENT.dll (Extensible Storage Engine for Microsoft® Windows®/Microsoft Corporation) 0x72E60000 Library c:\windows\system32\nlasvc.dll (Network Location Awareness 2/Microsoft Corporation) 0x72B40000 Library c:\windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library c:\windows\system32\ncsi.dll (Network Connectivity Status Indicator/Microsoft Corporation) 0x72B20000 Library c:\windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73000000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library c:\windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library c:\windows\system32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x72A90000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library c:\windows\system32\termsrv.dll (Terminal Server Remote Connections Manager/Microsoft Corporation) 0x727F0000 Library c:\windows\system32\ICAAPI.dll (DLL Interface to TermDD Device Driver/Microsoft Corporation) 0x72990000 Library c:\windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\ssdpapi.dll (SSDP Client API DLL/Microsoft Corporation) 0x72980000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library c:\windows\system32\msdtckrm.dll (MS DTCOLE Transactions KTM Resource Manager DLL/Microsoft Corporation) 0x72160000 Library c:\windows\system32\ktmw32.dll (Windows KTM Win32 Client DLL/Microsoft Corporation) 0x73460000 Library c:\windows\system32\CLUSAPI.dll (Cluster API Library/Microsoft Corporation) 0x72DC0000 Library c:\windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library c:\windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75D10000 Library c:\windows\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x72D80000 Library c:\windows\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x72D40000 Library c:\windows\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x72D10000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library c:\windows\system32\tapisrv.dll (Microsoft® Windows™ Telephony Server/Microsoft Corporation) 0x6BD60000 Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library c:\windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library c:\windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\unimdm.tsp (Unimodem 5 Service Provider/Microsoft Corporation) 0x6BB50000 Library C:\Windows\system32\uniplat.dll (Unimodem AT Mini Driver Platform Driver for Windows NT/Microsoft Corporation) 0x6D670000 Library C:\Windows\system32\kmddsp.tsp (TAPI Kernel-Mode Service Provider/Microsoft Corporation) 0x6BD00000 Library C:\Windows\system32\ndptsp.tsp (NDIS Proxy TAPI Service Provider/Microsoft Corporation) 0x6BCF0000 Library C:\Windows\system32\hidphone.tsp (Microsoft HID Phone TSP/Microsoft Corporation) 0x6BB00000 Library C:\Windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73D70000 Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1048 Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\program files\windows defender\mpsvc.dll (Service Module/Microsoft Corporation) 0x74620000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library c:\program files\windows defender\MpClient.dll (Client Interface/Microsoft Corporation) 0x74670000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\System32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\System32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\psapi.dll (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\System32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\System32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5E45D7F9-ABAC-495F-AC98-333EBE2BE199}\mpengine.dll (Microsoft Malware Protection Engine/Microsoft Corporation) 0x736F0000 Library c:\program files\windows defender\mprtplug.dll (Realtime Protection Plugin Module/Microsoft Corporation) 0x74500000 Library C:\Windows\System32\tdh.dll (Event Trace Helper Library/Microsoft Corporation) 0x74380000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\System32\wscapi.dll (Windows Security Center API/Microsoft Corporation) 0x74510000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Process C:\Users\UltimoLee\Downloads\f7pmgey4.exe 1060 Library C:\Users\UltimoLee\Downloads\f7pmgey4.exe 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.DLL (Common Controls Library/Microsoft Corporation) 0x75090000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\shell32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1120 Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\wevtsvc.dll (Event Logging Service/Microsoft Corporation) 0x743F0000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library c:\windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library c:\windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library c:\windows\system32\audiosrv.dll (Windows Audio Service/Microsoft Corporation) 0x74590000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x74540000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library c:\windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\System32\audioses.dll (Audio Session/Microsoft Corporation) 0x74220000 Library C:\Windows\System32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x740C0000 Library C:\Windows\System32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x747E0000 Library c:\windows\system32\lmhsvc.dll (TCPIP NetBios Transport Services DLL/Microsoft Corporation) 0x73520000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\wscsvc.dll (Windows Security Center Service/Microsoft Corporation) 0x72140000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library c:\windows\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x75170000 Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x72130000 Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x72490000 Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x72120000 Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x71C90000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\System32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\System32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\system32\wuapi.dll (Windows Update Client API/Microsoft Corporation) 0x70590000 Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\system32\shell32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1160 Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\audiosrv.dll (Windows Audio Service/Microsoft Corporation) 0x74590000 Library c:\windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x74540000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library c:\windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\System32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library c:\windows\system32\uxsms.dll (Microsoft User Experience Session Management Service/Microsoft Corporation) 0x73D90000 Library c:\windows\system32\wudfsvc.dll (Windows Driver Foundation - User-mode Driver Framework Service/Microsoft Corporation) 0x73D80000 Library c:\windows\system32\WUDFPlatform.dll (Windows Driver Foundation - User-mode Platform Library/Microsoft Corporation) 0x735C0000 Library c:\windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library c:\windows\system32\tabsvc.dll (Microsoft Tablet PC Input Service/Microsoft Corporation) 0x735A0000 Library c:\windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73D70000 Library c:\windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library c:\windows\system32\emdmgmt.dll (ReadyBoost Service/Microsoft Corporation) 0x72A00000 Library c:\windows\system32\WDSCORE.dll (Panther Engine Module/Microsoft Corporation) 0x72AE0000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library c:\windows\system32\pcasvc.dll (Program Compatibility Assistant Service/Microsoft Corporation) 0x72AC0000 Library c:\windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library c:\windows\system32\trkwks.dll (Distributed Link Tracking Client/Microsoft Corporation) 0x729A0000 Library c:\windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library c:\windows\system32\sysmain.dll (Superfetch Service Host/Microsoft Corporation) 0x72360000 Library c:\windows\system32\wpdbusenum.dll (Portable Device Enumerator/Microsoft Corporation) 0x72470000 Library C:\Windows\System32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\PortableDeviceApi.dll (Windows Portable Device API Components/Microsoft Corporation) 0x722B0000 Library C:\Windows\System32\portabledeviceconnectapi.dll (Portable Device Connection API Components/Microsoft Corporation) 0x72290000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library c:\windows\system32\wdi.dll (Windows Diagnostic Infrastructure/Microsoft Corporation) 0x72CA0000 Library C:\Windows\system32\pcadm.dll (Program Compatibility Assistant Diagnostic Module/Microsoft Corporation) 0x719C0000 Library c:\windows\system32\netman.dll (Network Connections Manager/Microsoft Corporation) 0x6E190000 Library c:\windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library c:\windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library c:\windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library c:\windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library c:\windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\System32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x6E3A0000 Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\System32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\System32\RASDLG.dll (Remote Access Common Dialog API/Microsoft Corporation) 0x6E0C0000 Library C:\Windows\System32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x6FFC0000 Library C:\Windows\System32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x72D80000 Library C:\Windows\System32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x72D40000 Library C:\Windows\System32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x72D10000 Library C:\Windows\System32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\System32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x6B970000 Library C:\Windows\System32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73000000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\upnp.dll (UPnP Control Point API/Microsoft Corporation) 0x70910000 Library C:\Windows\system32\SSDPAPI.dll (SSDP Client API DLL/Microsoft Corporation) 0x72980000 Library C:\Windows\System32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library C:\Windows\system32\netcfgx.dll (Network Configuration Objects/Microsoft Corporation) 0x6D4E0000 Library C:\Windows\System32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x72130000 Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x72490000 Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x72120000 Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x71C90000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\radardt.dll (Microsoft Windows Resource Exhaustion Detector/Microsoft Corporation) 0x70010000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1172 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\mmcss.dll (Multimedia Class Scheduler Service/Microsoft Corporation) 0x74570000 Library c:\windows\system32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x747E0000 Library c:\windows\system32\profsvc.dll (ProfSvc/Microsoft Corporation) 0x74250000 Library c:\windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75FA0000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library c:\windows\system32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library c:\windows\system32\shsvcs.dll (Windows Shell Services Dll/Microsoft Corporation) 0x74130000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library c:\windows\system32\sens.dll (System Event Notification Service (SENS)/Microsoft Corporation) 0x74040000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x75090000 Library c:\windows\system32\schedsvc.dll (Task Scheduler Service/Microsoft Corporation) 0x742B0000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library c:\windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library c:\windows\system32\ktmw32.dll (Windows KTM Win32 Client DLL/Microsoft Corporation) 0x73460000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\wiarpc.dll (Windows Image Acquisition RPC client DLL/Microsoft Corporation) 0x733C0000 Library C:\Windows\system32\taskcomp.dll (Task Scheduler Backward Compatibility Plug-in/Microsoft Corporation) 0x73370000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library c:\windows\system32\srvsvc.dll (Server Service DLL/Microsoft Corporation) 0x72E00000 Library c:\windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\SSCORE.DLL (Server Service Core DLL/Microsoft Corporation) 0x72DF0000 Library C:\Windows\system32\FirewallAPI.DLL (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\system32\CLUSAPI.DLL (Cluster API Library/Microsoft Corporation) 0x72DC0000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75D10000 Library C:\Windows\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x72D80000 Library C:\Windows\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x72D40000 Library C:\Windows\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x72D10000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\RESUTILS.DLL (Microsoft Cluster Resource Utility DLL/Microsoft Corporation) 0x72CF0000 Library c:\windows\system32\aelupsvc.dll (Application Experience Service/Microsoft Corporation) 0x72C90000 Library c:\windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library c:\windows\system32\ikeext.dll (IKE extension/Microsoft Corporation) 0x72C20000 Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library c:\windows\system32\seclogon.dll (Secondary Logon Service DLL/Microsoft Corporation) 0x729C0000 Library c:\windows\system32\wbem\wmisvc.dll (WMI/Microsoft Corporation) 0x728A0000 Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x72490000 Library c:\windows\system32\iphlpsvc.dll (Service that offers IPv6 connectivity over an IPv4 network./Microsoft Corporation) 0x72310000 Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library c:\windows\system32\sqmapi.dll (SQM Client/Microsoft Corporation) 0x721D0000 Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73000000 Library C:\Windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x747F0000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x745F0000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\wbem\wbemcore.dll (Windows Management Instrumentation/Microsoft Corporation) 0x71D80000 Library C:\Windows\system32\wbem\esscli.dll (WMI/Microsoft Corporation) 0x71D30000 Library C:\Windows\system32\wbem\FastProx.dll (WMI Custom Marshaller/Microsoft Corporation) 0x71C90000 Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x71C70000 Library C:\Windows\system32\wbem\repdrvfs.dll (WMI Repository Driver/Microsoft Corporation) 0x71C20000 Library C:\Windows\system32\wbem\wmiprvsd.dll (WMI/Microsoft Corporation) 0x71B60000 Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x75930000 Library C:\Windows\system32\wbem\wbemess.dll (WMI/Microsoft Corporation) 0x71B00000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\system32\tschannel.dll (Task Scheduler Proxy/Microsoft Corporation) 0x71990000 Library C:\Windows\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x717E0000 Library c:\windows\system32\qmgr.dll (Background Intelligent Transfer Service/Microsoft Corporation) 0x70980000 Library c:\windows\system32\SHFOLDER.dll (Shell Folder Service/Microsoft Corporation) 0x70970000 Library c:\windows\system32\bitsperf.dll (Perfmon Counter Access/Microsoft Corporation) 0x70960000 Library C:\Windows\system32\bitsigd.dll (Background Intelligent Transfer Service IGD Support/Microsoft Corporation) 0x70950000 Library C:\Windows\system32\upnp.dll (UPnP Control Point API/Microsoft Corporation) 0x70910000 Library C:\Windows\system32\SSDPAPI.dll (SSDP Client API DLL/Microsoft Corporation) 0x72980000 Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x72120000 Library c:\windows\system32\wuaueng.dll (Windows Update Agent/Microsoft Corporation) 0x70620000 Library c:\windows\system32\ESENT.dll (Extensible Storage Engine for Microsoft® Windows®/Microsoft Corporation) 0x72E60000 Library c:\windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library c:\windows\system32\mspatcha.dll (Microsoft File Patch Application API/Microsoft Corporation) 0x72100000 Library C:\Windows\system32\WMsgAPI.dll (WinLogon IPC Client/Microsoft Corporation) 0x75F90000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\wer.dll (Windows Error Reporting DLL/Microsoft Corporation) 0x6BEA0000 Library C:\Windows\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library c:\windows\system32\rasmans.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6BD10000 Library C:\Windows\system32\rastapi.dll (Remote Access TAPI Compliance Layer/Microsoft Corporation) 0x6D5E0000 Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\rasppp.dll (Remote Access PPP/Microsoft Corporation) 0x6BAB0000 Library C:\Windows\system32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x6FFC0000 Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library C:\Windows\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x757F0000 Library C:\Windows\system32\RASQEC.DLL (RAS Quarantine Enforcement Client/Microsoft Corporation) 0x6BA90000 Library C:\Windows\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x74990000 Library C:\Windows\System32\raschap.dll (Remote Access PPP CHAP/Microsoft Corporation) 0x6BA40000 Library C:\Windows\System32\rastls.dll (Remote Access PPP EAP-TLS/Microsoft Corporation) 0x6BA00000 Library C:\Windows\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x6DC70000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x74930000 Library c:\windows\system32\appinfo.dll (Application Information Service/Microsoft Corporation) 0x717D0000 Process C:\Windows\system32\AUDIODG.EXE (Windows Audio Device Graph Isolation /Microsoft Corporation) 1280 Library C:\Windows\system32\AUDIODG.EXE (Windows Audio Device Graph Isolation /Microsoft Corporation) 0x00220000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\System32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\System32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\System32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\System32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\System32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\System32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\System32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\System32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x74540000 Library C:\Windows\System32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\System32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\System32\audioses.dll (Audio Session/Microsoft Corporation) 0x74220000 Library C:\Windows\System32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x740C0000 Library C:\Windows\System32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x747E0000 Library C:\Windows\System32\audiokse.dll (Audio Ks Endpoint/Microsoft Corporation) 0x73FF0000 Library C:\Windows\System32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\System32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\System32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\System32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x744F0000 Library C:\Windows\system32\WMALFXGFXDSP.dll (SysFx DSP/Microsoft Corporation) 0x73E70000 Library C:\Windows\system32\mfplat.dll (Media Foundation Platform DLL/Microsoft Corporation) 0x73E30000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1308 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\gpsvc.dll (Group Policy Client/Microsoft Corporation) 0x73DA0000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library c:\windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library c:\windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library c:\windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library c:\windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75FA0000 Library c:\windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library c:\windows\system32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Process C:\Program Files\Windows Sidebar\sidebar.exe (Windows Sidebar/Microsoft Corporation) 1324 Library C:\Program Files\Windows Sidebar\sidebar.exe (Windows Sidebar/Microsoft Corporation) 0x00270000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396 ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x749B0000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x717B0000 Library C:\Windows\system32\sfc_os.DLL (Windows File Protection/Microsoft Corporation) 0x70580000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x717F0000 Library C:\Windows\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x6DC70000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\Wlanapi.dll (Windows WLAN AutoConfig Client Side API DLL/Microsoft Corporation) 0x6E0A0000 Library C:\Windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x6DF20000 Library C:\Windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x747C0000 Library C:\Windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x6DEF0000 Library C:\Windows\system32\DUser.dll (Windows DirectUser Engine/Microsoft Corporation) 0x75020000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\system32\wlanutil.dll (Windows Wireless LAN 802.11 Utility DLL/Microsoft Corporation) 0x747D0000 Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x71E40000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\mshtml.dll (Microsoft ® HTML Viewer/Microsoft Corporation) 0x6C070000 Library C:\Windows\system32\msls31.dll (Microsoft Line Services library file/Microsoft Corporation) 0x6D7A0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x6D5B0000 Library C:\Windows\system32\msimtf.dll (Active IMM Server DLL/Microsoft Corporation) 0x74950000 Library C:\Windows\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x6EEB0000 Library C:\Windows\system32\jscript.dll (Microsoft ® JScript/Microsoft Corporation) 0x6D6E0000 Library C:\Windows\system32\Dxtrans.dll (DirectX Media -- DirectX Transform Core/Microsoft Corporation) 0x6D6A0000 Library C:\Windows\system32\ddrawex.dll (Direct Draw Ex/Microsoft Corporation) 0x6FFB0000 Library C:\Windows\system32\DDRAW.dll (Microsoft DirectDraw/Microsoft Corporation) 0x6BF80000 Library C:\Windows\system32\DCIMAN32.dll (DCI Manager/Microsoft Corporation) 0x6E6C0000 Library C:\Windows\system32\ImgUtil.dll (IE plugin image decoder support DLL/Microsoft Corporation) 0x6E6B0000 Library C:\Windows\system32\igdumd32.dll (LDDM User Mode Driver for Intel® Graphics Technology/Intel Corporation) 0x03A40000 Library C:\Windows\system32\pngfilt.dll (IE PNG plugin image decoder/Microsoft Corporation) 0x6DE60000 Library C:\Windows\system32\Dxtmsft.dll (DirectX Media -- Image DirectX Transforms/Microsoft Corporation) 0x6BE40000 Library C:\Program Files\Windows Sidebar\wlsrvc.dll (Windows Live Services/Microsoft Corporation) 0x6D680000 Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\mscms.dll (Microsoft Color Matching System DLL/Microsoft Corporation) 0x6D600000 Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\system32\icm32.dll (Microsoft Color Management Module (CMM)/Microsoft Corporation) 0x6BB10000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\thumbcache.dll (Microsoft Thumbnail Cache/Microsoft Corporation) 0x70D20000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\windowscodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x735F0000 Library C:\Windows\system32\vbscript.dll (Microsoft ® VBScript/Microsoft Corporation) 0x6D540000 Library C:\Windows\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Process C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) 1328 Library C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) 0x00E20000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1356 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\es.dll (COM+/Microsoft Corporation) 0x74070000 Library c:\windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library c:\windows\system32\nsisvc.dll (Network Store Interface RPC server/Microsoft Corporation) 0x73510000 Library C:\Windows\system32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library c:\windows\system32\webclnt.dll (Web DAV Service DLL/Microsoft Corporation) 0x731F0000 Library c:\windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73000000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\shell32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\WinInet.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library c:\windows\system32\wkssvc.dll (Workstation Service DLL/Microsoft Corporation) 0x72FD0000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library c:\windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x75590000 Library c:\windows\system32\w32time.dll (Windows Time Service/Microsoft Corporation) 0x728D0000 Library c:\windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75D10000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library c:\windows\system32\netprofm.dll (Network List Manager/Microsoft Corporation) 0x72240000 Library c:\windows\system32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x721C0000 Library c:\windows\system32\ssdpsrv.dll (SSDP Service DLL/Microsoft Corporation) 0x708E0000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library c:\windows\system32\sstpsvc.dll (Provides the facility of using Secure Socket Tunneling Protocol (SSTP) to connect to remote computers (using VPN)./Microsoft Corporation) 0x6BDD0000 Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library c:\windows\system32\HTTPAPI.dll (HTTP Protocol Stack API/Microsoft Corporation) 0x6FCA0000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1388 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\ipsecsvc.dll (Windows IPsec SPD Server DLL/Microsoft Corporation) 0x72920000 Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library c:\windows\system32\FwRemoteSvr.DLL (Windows Firewall Remote APIs Server/Microsoft Corporation) 0x729D0000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1572 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\wiaservc.dll (Still Image Devices Service/Microsoft Corporation) 0x723F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x76470000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x75090000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\wiatrace.dll (WIA Tracing/Microsoft Corporation) 0x72280000 Library C:\Windows\system32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x757B0000 Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75D10000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\WSDCHNGR.DLL (WSD Challenge Component/Microsoft Corporation) 0x72230000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\FunDisc.dll (Function Discovery Dll/Microsoft Corporation) 0x72200000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x71E40000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x72A90000 Process C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 1576 Library C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (AntiVir shadow copy service/Avira GmbH) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCP90.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x732E0000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCR90.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x73230000 Library C:\Windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x747F0000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x745F0000 Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00C30000 Process C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1716 Library C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 0x00D80000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\System32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\System32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\System32\SPOOLSS.DLL (Spooler SubSystem DLL/Microsoft Corporation) 0x72E30000 Library C:\Windows\System32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\System32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\System32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\System32\localspl.dll (Local Spooler DLL/Microsoft Corporation) 0x6FF10000 Library C:\Windows\System32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x717B0000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\System32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\System32\lxdalmpm.dll (Printer Communication System/ ) 0x51000000 Library C:\Windows\system32\wls0wndh.dll (Session0 Viewer Window Hook DLL/Microsoft Corporation) 0x74610000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\System32\tcpmon.dll (Standard TCP/IP Port Monitor DLL/Microsoft Corporation) 0x6FEE0000 Library C:\Windows\System32\snmpapi.dll (SNMP Utility Library/Microsoft Corporation) 0x717C0000 Library C:\Windows\System32\wsnmp32.dll (Microsoft WinSNMP v2.0 Manager API/Microsoft Corporation) 0x6FED0000 Library C:\Windows\System32\msxml6.dll (MSXML 6.0 SP2/Microsoft Corporation) 0x6FD70000 Library C:\Windows\System32\tcpmib.dll (Standard TCP/IP Port Monitor Helper DLL/Microsoft Corporation) 0x6FD60000 Library C:\Windows\System32\mgmtapi.dll (Microsoft SNMP Manager API (uses WinSNMP)/Microsoft Corporation) 0x6FD50000 Library C:\Windows\System32\usbmon.dll (Standard Dynamic Printing Port Monitor DLL/Microsoft Corporation) 0x6FD40000 Library C:\Windows\System32\WSDMon.dll (WSD Printer Port Monitor/Microsoft Corporation) 0x6FD10000 Library C:\Windows\System32\wsdapi.dll (Web Services for Devices API DLL/Microsoft Corporation) 0x6FCB0000 Library C:\Windows\System32\HTTPAPI.dll (HTTP Protocol Stack API/Microsoft Corporation) 0x6FCA0000 Library C:\Windows\System32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73000000 Library C:\Windows\System32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\System32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x72A90000 Library C:\Windows\system32\FunDisc.dll (Function Discovery Dll/Microsoft Corporation) 0x72200000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x71E40000 Library C:\Windows\system32\spool\PRTPROCS\W32X86\lxdapp5c.dll (Print Processor/Lexmark International Inc.) 0x00B80000 Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\System32\win32spl.dll (Client Side Rendering Print Provider/Microsoft Corporation) 0x6FC30000 Library C:\Windows\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x6FC20000 Library C:\Windows\system32\printcom.dll (Print System COM component host/Microsoft Corporation) 0x6FC10000 Library C:\Windows\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\System32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\System32\inetpp.dll (Internet Print Provider DLL/Microsoft Corporation) 0x6FBE0000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\System32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000

Advertisements

Register to Remove

#11 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:11 AM

Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 1740 Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCP90.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x732E0000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCR90.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x73230000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x00380000 Library C:\Windows\system32\WTSAPI32.DLL (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\rasapi32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x00A90000 Library C:\Program Files\Avira\AntiVir Desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x731E0000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00FE0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\cryptnet.dll (Crypto Network Related API/Microsoft Corporation) 0x72CD0000 Library C:\Windows\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1836 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\bfe.dll (Base Filtering Engine/Microsoft Corporation) 0x73170000 Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library c:\windows\system32\mpssvc.dll (Microsoft Protection Service/Microsoft Corporation) 0x73060000 Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library c:\windows\system32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library c:\windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\wfapigp.dll (Windows Firewall GPO Helper dll/Microsoft Corporation) 0x731D0000 Library C:\Windows\system32\ntmarta.dll (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library c:\windows\system32\dps.dll (WDI Diagnostic Policy Service/Microsoft Corporation) 0x72BF0000 Library c:\windows\system32\wdi.dll (Windows Diagnostic Infrastructure/Microsoft Corporation) 0x72CA0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\taskschd.dll (Task Scheduler COM API/Microsoft Corporation) 0x72B90000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x721C0000 Library C:\Windows\system32\diagperf.dll (Microsoft Performance Diagnostics/Microsoft Corporation) 0x719D0000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\pnpts.dll (PlugPlay Troubleshooter/Microsoft Corporation) 0x719B0000 Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1880 Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library c:\windows\system32\wersvc.dll (Windows Error Reporting Service/Microsoft Corporation) 0x72870000 Library C:\Windows\System32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\System32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\System32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\System32\wer.dll (Windows Error Reporting DLL/Microsoft Corporation) 0x6BEA0000 Library C:\Windows\System32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\System32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Process C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) 1968 Library C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) 0x00AA0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\TQUERY.DLL (tquery.dll/Microsoft Corporation) 0x72660000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation) 0x724F0000 Library C:\Windows\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x75170000 Library C:\Windows\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x73590000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\Msidle.dll (User Idle Monitor/Microsoft Corporation) 0x72350000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\query.dll (Content Index Utility DLL/Microsoft Corporation) 0x71F80000 Library C:\Windows\system32\en-us\tQuery.dll.mui (tquery.dll/Microsoft Corporation) 0x71BE0000 Library C:\Windows\system32\esent.dll (Extensible Storage Engine for Microsoft® Windows®/Microsoft Corporation) 0x72E60000 Library C:\Windows\system32\msscb.dll (msscb.dll/Microsoft Corporation) 0x720E0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\mssprxy.dll (Microsoft Search Proxy/Microsoft Corporation) 0x71AE0000 Library C:\Windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x747F0000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x745F0000 Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x759B0000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\cscapi.dll (Offline Files Win32 API/Microsoft Corporation) 0x719A0000 Library C:\Windows\system32\es.dll (COM+/Microsoft Corporation) 0x74070000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library C:\Windows\System32\NaturalLanguage6.dll (Natural Language Development Platform 6/Microsoft Corporation) 0x70D40000 Process C:\Windows\ehome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 2380 Library C:\Windows\ehome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 0x00900000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\eHome\ehProxy.dll (Media Center Proxy/Microsoft Corporation) 0x6E7C0000 Process C:\Windows\system32\igfxsrvc.exe (igfxsrvc Module/Intel Corporation) 2568 Library C:\Windows\system32\igfxsrvc.exe (igfxsrvc Module/Intel Corporation) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x00370000 Library C:\Windows\system32\igfxdev.dll (igfxdev Module/Intel Corporation) 0x003C0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Process C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) 2588 Library C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x76470000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x75090000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\system32\oledlg.dll (OLE User Interface Support/Microsoft Corporation) 0x73550000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\FLTLIB.DLL (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396 ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x749B0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x75170000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x735F0000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\IconCodecService.dll (Converts a PNG part of the icon to a legacy bmp icon/Microsoft Corporation) 0x71780000 Library C:\Program Files\COMODO\COMODO Internet Security\themes\CFP.theme (COMODO Internet Security/COMODO) 0x021C0000 Library C:\Windows\system32\RICHED32.DLL (Wrapper Dll for Richedit 1.0/Microsoft Corporation) 0x74960000 Library C:\Windows\system32\RICHED20.dll (Rich Text Edit Control, v3.1/Microsoft Corporation) 0x6DE70000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\msimg32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Process C:\Windows\ehome\ehtray.exe (Media Center Tray Applet/Microsoft Corporation) 2600 Library C:\Windows\ehome\ehtray.exe (Media Center Tray Applet/Microsoft Corporation) 0x001C0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73D70000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\eHome\ehProxy.dll (Media Center Proxy/Microsoft Corporation) 0x6E7C0000 Process C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 2668 Library C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 0x00390000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\tschannel.dll (Task Scheduler Proxy/Microsoft Corporation) 0x71990000 Library C:\Windows\system32\dimsjob.dll (DIMS Job DLL/Microsoft Corporation) 0x74370000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\pautoenr.dll (Auto Enrollment DLL/Microsoft Corporation) 0x71980000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\certcli.dll (Microsoft® Active Directory Certificate Services Client/Microsoft Corporation) 0x71920000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\certenroll.dll (Microsoft® Active Directory Certificate Services Enrollment Client/Microsoft Corporation) 0x71800000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x74930000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 2988 Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b 7\mfc90u.dll (MFCDLL Shared Library - Retail Version/Microsoft Corporation) 0x6EA60000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCR90.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x73230000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c 2\MSVCP90.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x732E0000 Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396 ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x749B0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x717F0000 Library C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a 9dc9\MFC90ENU.DLL (MFC Language Specific Resources/Microsoft Corporation) 0x74980000 Library C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll (Antivirus Control Center Common Worker Library/Avira GmbH) 0x6DE10000 Library c:\program files\avira\antivir desktop\cfglib.dll (Antivirus configuration library/Avira GmbH) 0x731E0000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x01EB0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x003A0000 Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00560000 Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x003D0000 Library c:\program files\avira\antivir desktop\ccgrdw.dll (Control Center Guard Worker Plugin/Avira GmbH) 0x6DC50000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x005D0000 Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x017A0000 Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x00610000 Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x017F0000 Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x01840000 Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x01DC0000 Library c:\program files\avira\antivir desktop\ccmsgrc.dll (Control Center MSG Plugin Resources/Avira GmbH) 0x01E20000 Library C:\Program Files\Avira\AntiVir Desktop\rcimage.dll (Avira AntiVir PersonalEdition Classic Master Resource File (English)/Avira GmbH) 0x02590000 Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x735F0000 Library C:\Windows\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library c:\program files\avira\antivir desktop\ccmainrc.dll (Control Center Resources/Avira GmbH) 0x02A50000 Process C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks Scheduler/RealNetworks, Inc.) 3108 Library C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks Scheduler/RealNetworks, Inc.) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\shell32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Process C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (AAM Updates Notifier Application/Adobe Systems Incorporated) 3252 Library C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (AAM Updates Notifier Application/Adobe Systems Incorporated) 0x00D20000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll (Adobe Updater Core Library/Adobe Systems Incorporated) 0x6D2C0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\taskschd.dll (Task Scheduler COM API/Microsoft Corporation) 0x72B90000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll (LogSession/Adobe Systems Incorporated) 0x01CC0000 Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x74FD0000 Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x74FB0000 Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x74F70000 Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74F60000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75870000 Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75760000 Library C:\Windows\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72CC0000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75710000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x71E40000 Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 3268 Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00660000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library c:\windows\system32\fntcache.dll (Windows Font Cache Service/Microsoft Corporation) 0x70800000 Library c:\windows\system32\ktmw32.dll (Windows KTM Win32 Client DLL/Microsoft Corporation) 0x73460000 Process C:\Windows\System32\igfxpers.exe (persistence Module/Intel Corporation) 3392 Library C:\Windows\System32\igfxpers.exe (persistence Module/Intel Corporation) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\System32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x00370000 Library C:\Windows\System32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\System32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Process dllhost.exe (COM Surrogate/Microsoft Corporation) 3572 Process C:\Windows\system32\Dwm.exe (Desktop Window Manager/Microsoft Corporation) 3824 Library C:\Windows\system32\Dwm.exe (Desktop Window Manager/Microsoft Corporation) 0x00870000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\IMM32.dll (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\dwmredir.dll (Microsoft Desktop Window Manager Redirection Component/Microsoft Corporation) 0x71750000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\system32\milcore.dll (Microsoft MIL Core Library/Microsoft Corporation) 0x71550000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x717F0000 Process C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 3844 Library C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 0x00390000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\tschannel.dll (Task Scheduler Proxy/Microsoft Corporation) 0x71990000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\System32\HotStartUserAgent.dll (Microsoft Windows HotStart User Agent/Microsoft Corporation) 0x720F0000 Library C:\Windows\System32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\System32\PlaySndSrv.dll (PlaySound Service/Microsoft Corporation) 0x717A0000 Library C:\Windows\System32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\System32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\dimsjob.dll (DIMS Job DLL/Microsoft Corporation) 0x74370000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x758E0000 Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x754E0000 Library C:\Windows\system32\pautoenr.dll (Auto Enrollment DLL/Microsoft Corporation) 0x71980000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\certcli.dll (Microsoft® Active Directory Certificate Services Client/Microsoft Corporation) 0x71920000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\certenroll.dll (Microsoft® Active Directory Certificate Services Enrollment Client/Microsoft Corporation) 0x71800000 Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x75C00000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x74930000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\MsCtfMonitor.dll (MsCtfMonitor DLL/Microsoft Corporation) 0x71790000 Library C:\Windows\system32\MSUTB.dll (MSUTB Server DLL/Microsoft Corporation) 0x71520000 Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x717F0000 Library C:\Windows\system32\wdmaud.drv (Winmm audio system driver/Microsoft Corporation) 0x74280000 Library C:\Windows\system32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x744F0000 Library C:\Windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x74540000 Library C:\Windows\system32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x747E0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\AUDIOSES.DLL (Audio Session/Microsoft Corporation) 0x74220000 Library C:\Windows\system32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x740C0000 Library C:\Windows\system32\msacm32.drv (Microsoft Sound Mapper/Microsoft Corporation) 0x74350000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x74050000 Library C:\Windows\system32\midimap.dll (Microsoft MIDI Mapper/Microsoft Corporation) 0x74210000 Library C:\Windows\System32\TMM.dll (Microsoft Transient Multi-Monitor Manager/Microsoft Corporation) 0x71010000 Library C:\Windows\System32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x75460000 Library C:\Windows\System32\d3d9.dll (Microsoft Direct3D/Microsoft Corporation) 0x70E50000 Library C:\Windows\System32\d3d8thk.dll (Microsoft Direct3D OS Thunk Layer/Microsoft Corporation) 0x71770000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\system32\igfxTMM.dll (igfxTMM Module/Intel Corporation) 0x019C0000 Library C:\Windows\System32\QAgent.dll (Quarantine Agent Proxy/Microsoft Corporation) 0x74F00000 Library C:\Windows\System32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\System32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x74990000 Library C:\Windows\System32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Process C:\Windows\System32\hkcmd.exe (hkcmd Module/Intel Corporation) 3872 Library C:\Windows\System32\hkcmd.exe (hkcmd Module/Intel Corporation) 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\System32\hccutils.DLL (hccutils Module/Intel Corporation) 0x10000000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x00170000 Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\System32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\System32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\igfxsrvc.dll (igfxsrvc Module/Intel Corporation) 0x003E0000 Library C:\Windows\system32\igfxrENU.lrc (igfxres Module/Intel Corporation) 0x00B40000 Process C:\Windows\Explorer.EXE (Windows Explorer/Microsoft Corporation) 3916 Library C:\Windows\Explorer.EXE (Windows Explorer/Microsoft Corporation) 0x00AA0000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\SHDOCVW.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x71300000 Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x75460000 Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x717F0000 Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396 ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x749B0000 Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75A30000 Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x746E0000 Library C:\Windows\system32\BROWSEUI.dll (Shell Browser UI Library/Microsoft Corporation) 0x711B0000 Library C:\Windows\system32\IMM32.dll (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\DUser.dll (Windows DirectUser Engine/Microsoft Corporation) 0x75020000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x735F0000 Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75FB0000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\EhStorShell.dll (Windows Enhanced Storage Shell Extension/Microsoft Corporation) 0x71500000 Library C:\Windows\system32\IconCodecService.dll (Converts a PNG part of the icon to a legacy bmp icon/Microsoft Corporation) 0x71780000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x75520000 Library C:\Windows\system32\timedate.cpl (Time Date Control Panel Applet/Microsoft Corporation) 0x71440000 Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x746C0000 Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75C60000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x75280000 Library C:\Windows\system32\ACTXPRXY.DLL (ActiveX Interface Marshaling Library/Microsoft Corporation) 0x71150000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\PROGRA~1\WI4EB4~1\wmpband.dll (Windows Media Player Deskband/Microsoft Corporation) 0x71420000 Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75B70000 Library C:\Windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x75590000 Library C:\Windows\System32\shacct.dll (Shell Accounts Classes/Microsoft Corporation) 0x747A0000 Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 Library C:\Windows\System32\msshsq.dll (Structured Query/Microsoft Corporation) 0x70E10000 Library C:\Windows\System32\NaturalLanguage6.dll (Natural Language Development Platform 6/Microsoft Corporation) 0x70D40000 Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75A70000 Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75C20000 Library C:\Windows\System32\NLSData0009.dll (Microsoft English Natural Language Server Data and Code/Microsoft Corporation) 0x700C0000 Library C:\Windows\System32\NLSLexicons0009.dll (Microsoft English Natural Language Server Data and Code/Microsoft Corporation) 0x6F950000 Library C:\Windows\system32\authui.dll (Windows Authentication UI/Microsoft Corporation) 0x74B60000 Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\LINKINFO.dll (Windows Volume Tracking/Microsoft Corporation) 0x71410000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x6EEB0000 Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x77950000 Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x762E0000 Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x752C0000 Library C:\Windows\system32\wdmaud.drv (Winmm audio system driver/Microsoft Corporation) 0x74280000 Library C:\Windows\system32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x744F0000 Library C:\Windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x74540000 Library C:\Windows\system32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x747E0000 Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x768E0000 Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x75250000 Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76170000 Library C:\Windows\system32\AUDIOSES.DLL (Audio Session/Microsoft Corporation) 0x74220000 Library C:\Windows\system32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x740C0000 Library C:\Windows\system32\ExplorerFrame.dll (ExplorerFrame/Microsoft Corporation) 0x70D10000 Library C:\Windows\system32\msacm32.drv (Microsoft Sound Mapper/Microsoft Corporation) 0x74350000 Library C:\Windows\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x74050000 Library C:\Windows\system32\midimap.dll (Microsoft MIDI Mapper/Microsoft Corporation) 0x74210000 Library C:\Windows\system32\stobject.dll (Systray shell service object/Microsoft Corporation) 0x70C30000 Library C:\Windows\system32\BatMeter.dll (Battery Meter Helper DLL/Microsoft Corporation) 0x70B70000 Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74EF0000 Library C:\Windows\system32\ntshrui.dll (Shell extensions for sharing/Microsoft Corporation) 0x70070000 Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F60000 Library C:\Windows\system32\cscapi.dll (Offline Files Win32 API/Microsoft Corporation) 0x719A0000 Library C:\Windows\system32\msiltcfg.dll (Windows Installer Configuration API Stub/Microsoft Corporation) 0x74970000 Library C:\Windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x6E830000 Library C:\Windows\system32\es.dll (COM+/Microsoft Corporation) 0x74070000 Library C:\Windows\System32\SndVolSSO.dll (SCA Volume/Microsoft Corporation) 0x70CE0000 Library C:\Windows\ehome\ehSSO.dll (Windows Media Center Shell Service Object/Microsoft Corporation) 0x70B40000 Library C:\Windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73D70000 Library C:\Windows\System32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x6E3A0000 Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\System32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\System32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\pnidui.dll (Network System Icon/Microsoft Corporation) 0x6E1E0000 Library C:\Windows\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x74990000 Library C:\Windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x759F0000 Library C:\Windows\system32\wlanutil.dll (Windows Wireless LAN 802.11 Utility DLL/Microsoft Corporation) 0x747D0000 Library C:\Windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x75300000 Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x721C0000 Library C:\Windows\system32\Wlanapi.dll (Windows WLAN AutoConfig Client Side API DLL/Microsoft Corporation) 0x6E0A0000 Library C:\Windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x6DF20000 Library C:\Windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x747C0000 Library C:\Windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x6DEF0000 Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75890000 Library C:\Windows\System32\AltTab.dll (Windows Shell Alt Tab/Microsoft Corporation) 0x70CD0000 Library C:\Windows\system32\wpdshserviceobj.dll (Windows Portable Device Shell Service Object/Microsoft Corporation) 0x6E810000 Library C:\Windows\system32\PortableDeviceTypes.dll (Windows Portable Device (Parameter) Types Component/Microsoft Corporation) 0x6E7E0000 Library C:\Windows\system32\PortableDeviceApi.dll (Windows Portable Device API Components/Microsoft Corporation) 0x722B0000 Library C:\Windows\system32\mssprxy.dll (Microsoft Search Proxy/Microsoft Corporation) 0x71AE0000 Library C:\Windows\system32\taskschd.dll (Task Scheduler COM API/Microsoft Corporation) 0x72B90000 Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x74F30000 Library C:\Windows\System32\srchadmin.dll (Indexing Options/Microsoft Corporation) 0x6E770000 Library C:\Windows\System32\SyncCenter.dll (Microsoft Sync Center/Microsoft Corporation) 0x6D7D0000 Library C:\Windows\system32\wscntfy.dll (Windows Security Center Notification App/Microsoft Corporation) 0x6E730000 Library C:\Windows\system32\WSCAPI.dll (Windows Security Center API/Microsoft Corporation) 0x74510000 Library C:\Windows\System32\QAgent.dll (Quarantine Agent Proxy/Microsoft Corporation) 0x74F00000 Library C:\Windows\System32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x730D0000 Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x75EF0000 Library C:\Windows\system32\bthprops.cpl (Bluetooth Control Panel Applet/Microsoft Corporation) 0x6DD60000 Library C:\Windows\system32\imapi2.dll (Image Mastering API v2/Microsoft Corporation) 0x6E6D0000 Library C:\Windows\system32\oobefldr.dll (Welcome Center/Microsoft Corporation) 0x6D9F0000 Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x71E40000 Library C:\Windows\system32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x6D5B0000 Library C:\Windows\system32\mscms.dll (Microsoft Color Matching System DLL/Microsoft Corporation) 0x6D600000 Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x75120000 Library C:\Windows\system32\WinSATAPI.dll (Windows System Assessment Tool API/Microsoft Corporation) 0x6C630000 Library C:\Windows\System32\msxml6.dll (MSXML 6.0 SP2/Microsoft Corporation) 0x6FD70000 Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74520000 Library C:\Windows\System32\ntlanman.dll (Microsoft® Lan Manager/Microsoft Corporation) 0x6DC30000 Library C:\Windows\System32\drprov.dll (Microsoft Terminal Server Network Provider/Microsoft Corporation) 0x72110000 Library C:\Windows\System32\davclnt.dll (Web DAV Client DLL/Microsoft Corporation) 0x6DC10000 Library C:\Windows\System32\EhStorAPI.dll (Windows Enhanced Storage API/Microsoft Corporation) 0x6D260000 Library C:\Windows\system32\dciman32.dll (DCI Manager/Microsoft Corporation) 0x6E6C0000 Process C:\Users\UltimoLee\AppData\Local\pgv.exe 3960 Library C:\Users\UltimoLee\AppData\Local\pgv.exe 0x00400000 Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77AD0000 Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x764F0000 Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77830000 Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77760000 Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x77A40000 Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76AF0000 Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C80000 Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77900000 Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76230000 Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x76440000 Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x762F0000 Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x76C40000 Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77C00000 Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x77C60000 Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x765D0000 Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x762D0000 Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76A70000 Library C:\Windows\system32\guard32.dll (COMODO Internet Security/COMODO) 0x10000000 Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75FF0000 Library C:\Windows\system32\fltlib.dll (Filter Library/Microsoft Corporation) 0x75FE0000 Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x74D50000 Library C:\Windows\system32\msimg32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x75440000 Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x75050000 Library C:\Windows\system32\wsock32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x73590000 Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396 ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x749B0000 Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76020000 Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x76000000 Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74360000 Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x759D0000 Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75970000 Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75CE0000 Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75F50000 Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75940000 Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x72AD0000 Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x72AA0000 Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000 Library C:\Windows\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75720000 Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x729F0000 Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76890000 Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76160000 Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x729E0000 Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75450000 Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x761A0000 Library C:\Windows\system32\mshtml.dll (Microsoft ® HTML Viewer/Microsoft Corporation) 0x6C070000 Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x76300000 Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x766A0000 Library C:\Windows\system32\msls31.dll (Microsoft Line Services library file/Microsoft Corporation) 0x6D7A0000 Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x75480000 Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75C40000 ---- Services - GMER 1.0.15 ----

#12 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:12 AM

Service .NET CLR Data Service .NET CLR Networking Service .NET CLR Networking 4.0.0.0 Service .NET Data Provider for Oracle Service .NET Data Provider for SqlServer Service .NETFramework Service C:\Windows\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI Service C:\Windows\system32\drivers\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [DISABLED] adp94xx Service C:\Windows\system32\drivers\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [DISABLED] adpahci Service C:\Windows\system32\drivers\adpu160m.sys (Adaptec LH Ultra160 Driver (x86)/Adaptec, Inc.) [DISABLED] adpu160m Service C:\Windows\system32\drivers\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver/Adaptec, Inc.) [DISABLED] adpu320 Service adsi Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AeLookupSvc Service C:\Windows\system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD Service C:\Windows\system32\drivers\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [MANUAL] agp440 Service C:\Windows\system32\drivers\djsvs.sys (Adaptec Ultra SCSI miniport/Adaptec, Inc.) [DISABLED] aic78xx Service C:\Windows\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG Service C:\Windows\system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] aliide Service C:\Windows\system32\drivers\amdagp.sys (AMD NT AGP Filter/Microsoft Corporation) [MANUAL] amdagp Service C:\Windows\system32\drivers\amdide.sys (AMD IDE Driver/Microsoft Corporation) [DISABLED] amdide Service C:\Windows\system32\drivers\amdk7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK7 Service C:\Windows\system32\drivers\amdk8.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK8 Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo Service C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device Service C:\Windows\system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [DISABLED] arc Service C:\Windows\system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [DISABLED] arcsas Service ASPI32 Service C:\Windows\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac Service C:\Windows\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [BOOT] atapi Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioEndpointBuilder Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Audiosrv Service C:\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [SYSTEM] avgio Service C:\Windows\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt Service C:\Windows\system32\DRIVERS\avipbb.sys (Avira Driver for Security Enhancement/Avira GmbH) [SYSTEM] avipbb Service (Battery Class Driver/Microsoft Corporation) BattC Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BFE Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BITS Service C:\Windows\system32\drivers\blbdrive.sys (BLB Drive Driver/Microsoft Corporation) [DISABLED] blbdrive Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [AUTO] Bonjour Service Service C:\Windows\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser Service C:\Windows\system32\drivers\brfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo Service C:\Windows\system32\drivers\brfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Browser Service C:\Windows\system32\drivers\brserid.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [DISABLED] Brserid Service C:\Windows\system32\drivers\brserwdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [DISABLED] BrSerWdm Service C:\Windows\system32\drivers\brusbmdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [DISABLED] BrUsbMdm Service C:\Windows\system32\drivers\brusbser.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer Service C:\Windows\system32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [DISABLED] BTHMODEM Service BTHPORT Service C:\Windows\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs Service C:\Windows\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] CertPropSvc Service C:\Windows\system32\drivers\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [DISABLED] circlass Service C:\Windows\System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [DISABLED] clr_optimization_v2.0.50727_32 Service C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [AUTO] clr_optimization_v4.0.30319_32 Service C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO) [AUTO] cmdAgent Service C:\Windows\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) [SYSTEM] cmdGuard Service C:\Windows\System32\DRIVERS\cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO) [SYSTEM] cmdHlp Service C:\Windows\system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] cmdide Service C:\Windows\system32\drivers\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [DISABLED] Compbatt Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp Service C:\Windows\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [BOOT] crcdisk Service C:\Windows\system32\drivers\crusoe.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Crusoe Service crypt32 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CryptSvc Service DCLocator Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DcomLaunch Service C:\Windows\System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) [SYSTEM] DfsC Service C:\Windows\system32\DFSR.exe (Distributed File System Replication/Microsoft Corporation) [MANUAL] DFSR Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dhcp Service C:\Windows\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] disk Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dnscache Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] dot3svc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DPS Service C:\Windows\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud Service C:\Windows\System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) [MANUAL] DXGKrnl Service C:\Windows\system32\DRIVERS\e1e6032.sys (Intel® PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) [MANUAL] e1express Service C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel® PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) [MANUAL] E1G60 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] EapHost Service C:\Windows\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) [BOOT] Ecache Service C:\Windows\ehome\ehRecvr.exe (Windows Media Center Receiver Service/Microsoft Corporation) [MANUAL] ehRecvr Service C:\Windows\ehome\ehsched.exe (Windows Media Center Scheduler Service/Microsoft Corporation) [MANUAL] ehSched Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ehstart Service C:\Windows\system32\drivers\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [DISABLED] elxstor Service EmdCache Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EMDMgmt Service C:\Windows\system32\drivers\errdev.sys (Error Device Driver/Microsoft Corporation) [DISABLED] ErrDev Service ESENT Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Eventlog Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EventSystem Service (Microsoft Extended FAT File System/Microsoft Corporation) [MANUAL] exfat Service (Fast FAT File System Driver/Microsoft Corporation) [MANUAL] fastfat Service C:\Windows\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] fdc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] fdPHost Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] FDResPub Service C:\Windows\system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) [BOOT] FileInfo Service C:\Windows\system32\drivers\filetrace.sys (File Trace Filter Driver/Microsoft Corporation) [MANUAL] Filetrace Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Acresso Software Inc.) [MANUAL] FLEXnet Licensing Service Service C:\Windows\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [DISABLED] flpydisk Service C:\Windows\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] FontCache Service C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0 Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec Service C:\Windows\system32\drivers\gagp30kx.sys (MS Generic AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] gagp30kx Service C:\Windows\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] gpsvc Service C:\Program Files\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc.) [AUTO] gupdate Service C:\Windows\system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) [MANUAL] HdAudAddService Service C:\Windows\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) [MANUAL] HDAudBus Service C:\Windows\system32\drivers\hidbth.sys (Bluetooth Miniport Driver for HID Devices/Microsoft Corporation) [DISABLED] HidBth Service C:\Windows\system32\drivers\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation) [DISABLED] HidIr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hidserv Service C:\Windows\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hkmsvc Service C:\Windows\system32\drivers\hpcisss.sys (Smart Array Storport Driver/Hewlett-Packard Company) [DISABLED] HpCISSs Service C:\Windows\system32\drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP Service C:\Windows\system32\drivers\i2omp.sys (I2O Miniport Driver/Microsoft Corporation) [DISABLED] i2omp Service C:\Windows\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [DISABLED] i8042prt Service ialm Service C:\Windows\system32\drivers\iastorv.sys (Intel Matrix Storage Manager driver (base)/Intel Corporation) [DISABLED] iaStorV Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc Service C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Graphics Kernel Mode Driver/Intel Corporation) [MANUAL] igfx Service C:\Windows\system32\drivers\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [DISABLED] iirsp Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] IKEEXT Service inetaccs Service C:\Windows\system32\DRIVERS\inspect.sys (COMODO Internet Security Firewall Driver/COMODO) [SYSTEM] inspect Service C:\Windows\system32\drivers\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [DISABLED] intelide Service C:\Windows\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] intelppm Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] IPBusEnum Service C:\Windows\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] iphlpsvc Service system32\DRIVERS\ipinip.sys [MANUAL] IpInIp Service C:\Windows\system32\drivers\ipmidrv.sys (WMI IPMI DRIVER/Microsoft Corporation) [DISABLED] IPMIDRV Service C:\Windows\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IPNAT Service C:\Windows\system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM Service C:\Windows\system32\drivers\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [DISABLED] isapnp Service C:\Windows\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) [MANUAL] iScsiPrt Service C:\??\C:\Program Files\UltraISO\drivers\ISODrive.sys [SYSTEM] ISODrive Service C:\Windows\system32\drivers\iteatapi.sys (ITE IT8211 ATA/ATAPI SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteatapi Service C:\Windows\system32\drivers\iteraid.sys (ITE IT8212 ATA RAID SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteraid Service C:\Windows\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [SYSTEM] kbdclass Service C:\Windows\system32\DRIVERS\kbdhid.sys (HID Keyboard Filter Driver/Microsoft Corporation) [SYSTEM] kbdhid Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] KeyIso Service C:\Windows\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] KtmRm Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanServer Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanWorkstation Service system32\DRIVERS\Lbd.sys [BOOT] Lbd Service ldap Service C:\Windows\system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] lltdsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] lmhosts Service Lsa Service C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic Fusion-MPT FC Driver (StorPort)/LSI Logic) [DISABLED] LSI_FC Service C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic Fusion-MPT SAS Driver (StorPort)/LSI Logic) [DISABLED] LSI_SAS Service C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic Fusion-MPT SCSI Driver (StorPort)/LSI Logic) [DISABLED] LSI_SCSI Service C:\Windows\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv Service C:\Windows\system32\lxdacoms.exe (Printer Communication System/ ) [AUTO] lxda_device Service system32\DRIVERS\ManyCam.sys [MANUAL] ManyCam Service Manycam_LLC Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc Service C:\Windows\system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Corporation) [DISABLED] megasas Service C:\Windows\system32\drivers\megasr.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [DISABLED] MegaSR Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS Service C:\Windows\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem Service C:\Windows\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor Service C:\Windows\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] mouclass Service C:\Windows\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid Service C:\Windows\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] MountMgr Service C:\Windows\system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [DISABLED] mpio Service C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc Service C:\Windows\system32\drivers\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] Mraid35x Service C:\Windows\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV Service C:\Windows\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb Service C:\Windows\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10 Service C:\Windows\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20 Service C:\Windows\system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [DISABLED] msahci Service C:\Windows\system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [DISABLED] msdsm Service C:\Windows\System32\msdtc.exe (MS DTCconsole program/Microsoft Corporation) [MANUAL] MSDTC Service MSDTC Bridge 3.0.0.0 Service MSDTC Bridge 4.0.0.0 Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs Service C:\Windows\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver Service C:\Windows\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV Service C:\Windows\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK Service C:\Windows\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC Service MSSCNTRS Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios Service C:\Windows\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE Service C:\Windows\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent Service C:\Windows\system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP Service C:\Windows\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) [BOOT] NDIS Service C:\Windows\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi Service C:\Windows\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O driver/Microsoft Corporation) [MANUAL] Ndisuio Service C:\Windows\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy Service C:\Windows\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS Service C:\Windows\System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] netbt Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Netman Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] netprofm Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing Service C:\Windows\system32\drivers\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [DISABLED] nfrd960 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] NlaSvc Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] nsi Service C:\Windows\system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy Service NTDS Service (NT File System Driver/Microsoft Corporation) [MANUAL] Ntfs Service C:\Windows\system32\drivers\ntrigdigi.sys (N-trig tablet digitizer in-box driver/N-trig Innovative Technologies) [DISABLED] ntrigdigi Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null Service C:\Windows\system32\drivers\nvraid.sys (NVIDIA® nForce™ RAID Driver/NVIDIA Corporation) [DISABLED] nvraid Service C:\Windows\system32\drivers\nvstor.sys (NVIDIA® nForce™ Sata Performance Driver/NVIDIA Corporation) [DISABLED] nvstor Service C:\Windows\system32\drivers\nv_agp.sys (NForce NT AGP Filter/Microsoft Corporation) [MANUAL] nv_agp Service system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt Service system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd Service C:\Windows\system32\drivers\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [DISABLED] ohci1394 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2pimsvc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2psvc Service C:\Windows\system32\drivers\parport.sys (Parallel Port Driver/Microsoft Corporation) [DISABLED] Parport Service C:\Windows\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr Service C:\Windows\system32\drivers\parvdm.sys (VDM Parallel Driver/Microsoft Corporation) [AUTO] Parvdm Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PcaSvc Service C:\Windows\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] pci Service C:\Windows\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] pciide Service C:\Windows\system32\drivers\pcmcia.sys (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] pcmcia Service C:\Windows\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) [MANUAL] pcouffin Service C:\Windows\system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH Service PerfDisk Service PerfNet Service PerfOS Service PerfProc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] pla Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PlugPlay Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPAutoReg Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PolicyAgent Service PortProxy Service C:\Windows\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport Service C:\Windows\system32\drivers\processr.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Processor Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ProfSvc Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] ProtectedStorage Service C:\Windows\system32\DRIVERS\pacer.sys (QoS Packet Scheduler/Microsoft Corporation) [SYSTEM] PSched Service C:\Windows\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20 Service C:\Windows\system32\drivers\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [DISABLED] ql2300 Service C:\Windows\system32\drivers\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [DISABLED] ql40xx Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] QWAVE Service C:\Windows\system32\drivers\qwavedrv.sys (Microsoft Quality Windows Audio Video Experience (qWave) Support Driver/Microsoft Corporation) [MANUAL] QWAVEdrv Service C:\Windows\System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasAuto Service C:\Windows\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasMan Service C:\Windows\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe Service C:\Windows\system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) [MANUAL] RasSstp Service C:\Windows\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] rdbss Service C:\Windows\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD Service RDPDD Service C:\Windows\system32\drivers\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [DISABLED] rdpdr Service C:\Windows\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD Service RDPNP Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteAccess Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RemoteRegistry Service C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcSs Service C:\Windows\system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs Service C:\Windows\system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation) [DISABLED] sbp2port Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCardSvr Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Schedule Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCPolicySvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SDRSVC Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] seclogon Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SENS Service C:\Windows\system32\drivers\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum Service C:\Windows\system32\drivers\serial.sys (Serial Device Driver/Microsoft Corporation) [DISABLED] Serial Service C:\Windows\system32\drivers\sermouse.sys (Serial Mouse Filter Driver/Microsoft Corporation) [DISABLED] sermouse Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SessionEnv Service C:\Windows\system32\drivers\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [DISABLED] sffdisk Service C:\Windows\system32\drivers\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc Service C:\Windows\system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd Service C:\Windows\system32\drivers\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [DISABLED] sfloppy Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] SharedAccess Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ShellHWDetection Service C:\Windows\system32\drivers\sisagp.sys (SIS NT AGP Filter/Microsoft Corporation) [MANUAL] sisagp Service C:\Windows\system32\drivers\sisraid2.sys (SiS RAID Stor Miniport Driver/Microsoft Corporation) [DISABLED] SiSRaid2 Service C:\Windows\system32\drivers\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [DISABLED] SiSRaid4 Service C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) [AUTO] slsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SLUINotify Service C:\Windows\system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [SYSTEM] Smb Service SMSvcHost 3.0.0.0 Service SMSvcHost 4.0.0.0 Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP Service (loader for security processor/Microsoft Corporation) [BOOT] spldr Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler Service C:\Windows\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv Service C:\Windows\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2 Service C:\Windows\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV Service C:\Windows\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [SYSTEM] ssmdrv Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SstpSvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc Service C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (SureThing Labelflash Disc Printer Service Module/MicroVision Development, Inc.) [MANUAL] stllssvr Service C:\Windows\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum Service C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard Server (32 bit)/Adobe Systems Incorporated) [MANUAL] SwitchBoard Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv Service C:\Windows\system32\drivers\symc8xx.sys (LSI Logic 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] Symc8xx Service C:\Windows\system32\drivers\sym_hi.sys (LSI Logic Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_hi Service C:\Windows\system32\drivers\sym_u3.sys (LSI Logic Ultra160 SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_u3 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TabletInputService Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TBS Service C:\Windows\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [BOOT] Tcpip Service C:\Windows\system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] Tcpip6 Service C:\Windows\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg Service C:\Windows\system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE Service C:\Windows\system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP Service C:\Windows\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx Service C:\Windows\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TermService Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller Service TSDDD Service C:\Windows\System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv Service C:\Windows\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunmp Service C:\Windows\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel Service C:\Windows\system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35 Service C:\Windows\system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs Service UGatherer Service UGTHRSVC Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect Service C:\Windows\system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx Service C:\Windows\system32\drivers\uliahci.sys (ULi SATA Controller Driver/ULi Electronics Inc.) [DISABLED] uliahci Service C:\Windows\system32\drivers\ulsata.sys (Promise Ultra/Sata Series Driver for Win2003/Promise Technology, Inc.) [DISABLED] UlSata Service C:\Windows\system32\drivers\ulsata2.sys (Promise SATAII150 Series Windows Drivers/Promise Technology, Inc.) [DISABLED] ulsata2 Service C:\Windows\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) [MANUAL] umbus Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] upnphost Service usb Service C:\Windows\system32\drivers\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [DISABLED] usbccgp Service C:\Windows\system32\drivers\usbcir.sys (USB Consumer IR Driver for eHome/Microsoft Corporation) [DISABLED] usbcir Service C:\Windows\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci Service C:\Windows\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub Service C:\Windows\system32\drivers\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [DISABLED] usbohci Service C:\Windows\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint Service C:\Windows\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR Service C:\Windows\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] UxSms Service C:\Windows\System32\vds.exe (Virtual Disk Service/Microsoft Corporation) [MANUAL] vds Service C:\Windows\system32\DRIVERS\vgapnp.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [MANUAL] vga Service C:\Windows\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave Service C:\Windows\system32\drivers\viaagp.sys (VIA NT AGP Filter/Microsoft Corporation) [MANUAL] viaagp Service C:\Windows\system32\drivers\viac7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] ViaC7 Service C:\Windows\system32\drivers\viaide.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [DISABLED] viaide Service C:\Windows\system32\drivers\volmgr.sys (Volume Manager Driver/Microsoft Corporation) [BOOT] volmgr Service C:\Windows\System32\drivers\volmgrx.sys (Volume Manager Extension Driver/Microsoft Corporation) [BOOT] volmgrx Service C:\Windows\system32\drivers\volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) [BOOT] volsnap Service C:\Windows\system32\drivers\vsmraid.sys (VIA RAID DRIVER FOR AMD-X86-64/VIA Technologies Inc.,Ltd) [DISABLED] vsmraid Service C:\Windows\system32\vssvc.exe (Microsoft® Volume Shadow Copy Service/Microsoft Corporation) [MANUAL] VSS Service VxD Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] W32Time Service W3SVC Service C:\Windows\system32\drivers\wacompen.sys (Wacom Serial Pen Tablet HID Driver/Microsoft Corporation) [DISABLED] WacomPen Service C:\Windows\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp Service C:\Windows\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [SYSTEM] Wanarpv6 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] wcncsvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WcsPlugInService Service C:\Windows\system32\drivers\wd.sys (Microsoft Watchdog Timer Driver/Microsoft Corporation) [DISABLED] Wd Service C:\Windows\system32\drivers\Wdf01000.sys (WDF Dynamic/Microsoft Corporation) [BOOT] Wdf01000 Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WdiServiceHost Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WdiSystemHost Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WebClient Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Wecsvc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] wercplsupport Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WerSvc Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WinDefend Service Windows Workflow Foundation 3.0.0.0 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WinHttpAutoProxySvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Winmgmt Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WinRM Service [MANUAL] Winsock Service WinSock2 Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Wlansvc Service C:\Windows\system32\drivers\wmiacpi.sys (Windows Management Interface for ACPI/Microsoft Corporation) [DISABLED] WmiAcpi Service WmiApRpl Service C:\Windows\system32\wbem\WmiApSrv.exe (WMI Performance Reverse Adapter/Microsoft Corporation) [MANUAL] wmiApSrv Service C:\Program Files\Windows Media Player\wmpnetwk.exe (Windows Media Player Network Sharing Service/Microsoft Corporation) [MANUAL] WMPNetworkSvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WPCSvc Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WPDBusEnum Service C:\Windows\system32\DRIVERS\wpdusb.sys (WPD USB Driver/Microsoft Corporation) [MANUAL] WpdUsb Service C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (wpffontcache_v0400.exe/Microsoft Corporation) [MANUAL] WPFFontCache_v0400 Service C:\Windows\system32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) [DISABLED] ws2ifsl Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wscsvc Service C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) [AUTO] WSearch Service WSearchIdxPi Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wuauserv Service C:\Windows\system32\DRIVERS\WUDFRd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WUDFRd Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wudfsvc Service xmlprov Service {409452A3-5B92-4468-B2C6-D644AE9F4822} ---- EOF - GMER 1.0.15 ----

#13 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:12 AM

Hope thats alright, the only way the board would let me post

#14 Ultilee Stupid

Authentic Member

Authentic Member
197 posts

Posted 02 April 2011 - 06:13 AM

OTL logfile created on: 02/04/2011 12:06:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\UltimoLee\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 66.14 Gb Free Space | 44.38% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: VJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\UltimoLee\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\UltimoLee\AppData\Local\pgv.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Windows\System32\lxdacoms.exe ( )

========== Modules (SafeList) ==========

MOD - C:\Users\UltimoLee\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\guard32.dll (COMODO)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxda_device) -- C:\Windows\System32\lxdacoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdguard.sys (COMODO)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT1142338
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll (W3i, LLC)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/22 16:40:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/23 17:04:49 | 000,000,000 | ---D | M]

[2010/07/22 16:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VJones\AppData\Roaming\Mozilla\Extensions
[2009/03/31 00:54:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VJones\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com
[2011/03/31 19:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VJones\AppData\Roaming\Mozilla\Firefox\Profiles\b3ps2o0c.default\extensions
[2010/11/07 23:51:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\VJones\AppData\Roaming\Mozilla\Firefox\Profiles\b3ps2o0c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/07 23:51:56 | 000,000,000 | ---D | M] (Softonic English Toolbar) -- C:\Users\VJones\AppData\Roaming\Mozilla\Firefox\Profiles\b3ps2o0c.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}
[2010/07/23 17:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/23 17:04:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/01/03 20:39:01 | 000,000,000 | ---D | M] (Seekeen) -- C:\Program Files\Mozilla Firefox\extensions\{DB390D2E-0FB4-413F-B039-AE342D1D40BA}
[2009/03/31 00:46:30 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2009/03/31 00:46:38 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2010/06/22 04:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/13 22:44:53 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/07/13 22:44:53 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/07/13 22:44:53 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/07/13 22:44:53 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (NetAssistantBHO Class) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll (W3i, LLC)
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - File not found
O3 - HKLM\..\Toolbar: (Softonic English Toolbar) - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (My.Freeze.com Toolbar) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (My.Freeze.com Toolbar) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O9 - Extra Button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - Reg Error: Key error. File not found
O9 - Extra Button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\VJones\Desktop\Documents\tigers.JPG
O24 - Desktop BackupWallPaper: C:\Users\VJones\Desktop\Documents\tigers.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/04/01 11:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/04/01 11:33:01 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2011/04/01 11:32:57 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011/04/01 11:32:57 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011/04/01 11:31:54 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/04/01 11:31:41 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/01 11:31:41 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/04/01 11:31:41 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/04/01 11:31:41 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/01 11:31:38 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/04/01 11:30:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2011/04/01 11:30:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2011/04/01 11:30:20 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2011/04/01 11:30:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2011/04/01 11:30:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2011/04/01 11:30:08 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011/04/01 11:30:08 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2011/04/01 11:30:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2011/04/01 11:30:07 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011/04/01 11:30:07 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/04/01 11:30:07 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2011/04/01 11:30:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2011/04/01 11:28:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/04/01 11:28:01 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/03/31 21:54:35 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011/03/31 20:34:58 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/03/31 20:34:57 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/03/31 20:34:57 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/03/31 20:34:56 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/03/31 20:34:56 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/03/31 20:34:56 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/03/31 20:34:55 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/03/31 20:34:55 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/03/31 20:34:53 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/03/31 20:34:53 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/03/31 20:34:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/03/31 20:34:49 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/03/31 20:34:23 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/03/31 20:18:54 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/03/31 20:18:54 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/31 20:18:54 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/03/31 20:18:52 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/03/31 20:18:50 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/31 20:18:50 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/03/31 20:18:49 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/03/31 20:18:49 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/03/31 20:18:47 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/03/31 20:18:47 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/31 20:18:46 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/03/31 20:10:55 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/03/31 18:57:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/03/31 18:57:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/03/31 18:57:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/03/09 20:50:34 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/09 20:50:33 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/09 20:50:32 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/09 20:50:31 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2009/03/26 15:44:29 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxdainpa.dll
[2009/03/26 15:44:29 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXDAhcp.dll
[2009/03/26 15:44:28 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxdaserv.dll
[2009/03/26 15:44:28 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxdausb1.dll
[2009/03/26 15:44:28 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxdapmui.dll
[2009/03/26 15:44:28 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxdalmpm.dll
[2009/03/26 15:44:28 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxdaiesc.dll
[2009/03/26 15:44:28 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxdaprox.dll
[2009/03/26 15:44:28 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxdapplc.dll
[2009/03/26 15:44:27 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxdahbn3.dll
[2009/03/26 15:44:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxdacomc.dll
[2009/03/26 15:44:27 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxdacoms.exe
[2009/03/26 15:44:27 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxdacomm.dll
[2009/03/26 15:44:27 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxdaih.exe
[2009/03/26 15:44:27 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxdacfg.exe
[2009/01/06 18:40:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\VJones\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/04/02 12:07:00 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2011/04/02 12:07:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{26438954-F43E-45EA-B377-13E87D63FBD8}.job
[2011/04/02 12:07:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{04F1B430-67A1-4B31-962C-B500816EFE55}.job
[2011/04/02 12:06:29 | 000,011,376 | -HS- | M] () -- C:\ProgramData\1pu4igwom771p2571ra12y7fk5447qc4010k6c3cbv2p5ub
[2011/04/02 11:42:43 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/02 11:42:43 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/02 11:40:11 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/02 11:40:11 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2011/04/02 11:37:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/02 11:37:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/02 11:37:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/02 11:37:02 | 2134,081,536 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/02 01:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/01 22:14:56 | 000,000,400 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3E4E7D37-EA7D-43AC-8038-284715408613}.job
[2011/04/01 20:09:37 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for VJones.job
[2011/04/01 14:59:48 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{09CC4FE3-90EB-45E2-9902-ADEE35007982}.job
[2011/04/01 11:39:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/04/01 11:39:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/31 21:54:27 | 000,000,036 | ---- | M] () -- C:\Users\VJones\AppData\Local\housecall.guid.cache
[2011/03/31 19:09:13 | 003,631,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/28 18:08:00 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/03/14 21:51:19 | 184,998,479 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2011/04/01 11:39:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/04/01 11:39:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/31 21:54:27 | 000,000,036 | ---- | C] () -- C:\Users\VJones\AppData\Local\housecall.guid.cache
[2011/03/31 17:59:43 | 000,011,376 | -HS- | C] () -- C:\ProgramData\1pu4igwom771p2571ra12y7fk5447qc4010k6c3cbv2p5ub
[2011/02/02 18:42:21 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/02/02 18:42:16 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/02/02 18:42:15 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/02 18:42:11 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/26 00:44:51 | 019,473,201 | ---- | C] () -- C:\ProgramData\vlc-1.1.1-win32.exe
[2009/12/17 17:55:23 | 002,392,064 | ---- | C] () -- C:\Windows\System32\videotrans.dll
[2009/12/17 17:55:23 | 000,215,040 | ---- | C] () -- C:\Windows\System32\videoformat.dll
[2009/12/17 17:55:22 | 000,061,440 | ---- | C] () -- C:\Windows\System32\imgscaler.dll
[2009/12/17 17:55:22 | 000,022,016 | ---- | C] () -- C:\Windows\System32\img_utils.dll
[2009/09/15 19:37:21 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2009/09/14 00:34:07 | 000,000,088 | ---- | C] () -- C:\Users\VJones\AppData\Roaming\wklnhst.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/21 23:02:22 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/07/21 23:02:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/14 21:41:01 | 000,001,044 | ---- | C] () -- C:\Users\VJones\AppData\Roaming\vso_ts_preview.xml
[2009/03/26 15:44:29 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXDAinst.dll
[2009/03/26 15:44:28 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxdautil.dll
[2009/03/18 13:24:34 | 000,000,308 | ---- | C] () -- C:\Windows\LEXSTAT.INI
[2009/01/22 22:29:28 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/01/21 21:31:33 | 000,011,264 | ---- | C] () -- C:\Users\VJones\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/06 18:40:41 | 000,087,608 | ---- | C] () -- C:\Users\VJones\AppData\Roaming\inst.exe
[2009/01/06 18:40:41 | 000,007,887 | ---- | C] () -- C:\Users\VJones\AppData\Roaming\pcouffin.cat
[2009/01/06 18:40:41 | 000,001,144 | ---- | C] () -- C:\Users\VJones\AppData\Roaming\pcouffin.inf
[2009/01/02 20:31:21 | 000,000,552 | ---- | C] () -- C:\Users\VJones\AppData\Local\d3d8caps.dat
[2009/01/02 20:28:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/02 19:03:58 | 000,000,680 | ---- | C] () -- C:\Users\VJones\AppData\Local\d3d9caps.dat
[2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 20:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 20:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 20:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007/01/22 10:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdacoin.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 003,631,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,608,760 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,268 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/27 13:19:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdavs.dll
[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2009/09/12 21:12:50 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\DriverCure
[2009/09/15 18:34:59 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\FMZilla
[2009/03/31 00:53:55 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\Greyfirst
[2010/02/22 01:02:19 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\ManyCam
[2009/09/12 22:44:21 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\Reg Tool
[2009/09/12 20:37:40 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\Systweak
[2009/09/14 00:34:09 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\Template
[2010/09/12 23:08:10 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\uTorrent
[2009/07/15 16:51:49 | 000,000,000 | ---D | M] -- C:\Users\VJones\AppData\Roaming\Vso
[2011/03/28 18:08:00 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/04/02 11:40:11 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\PCConfidential.job
[2011/04/02 01:48:40 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/04/02 12:07:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{04F1B430-67A1-4B31-962C-B500816EFE55}.job
[2011/04/01 14:59:48 | 000,000,414 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{09CC4FE3-90EB-45E2-9902-ADEE35007982}.job
[2011/04/02 12:07:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{26438954-F43E-45EA-B377-13E87D63FBD8}.job
[2011/04/01 22:14:56 | 000,000,400 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3E4E7D37-EA7D-43AC-8038-284715408613}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2009/09/15 18:42:06 | 000,106,359 | ---- | M] () -- C:\aaw7boot.log
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/01/03 02:38:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2004/04/06 01:02:00 | 000,188,482 | ---- | M] (RealNetworks, Inc.) -- C:\helixprodctrl.dll
[2011/04/02 11:37:02 | 2134,081,536 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/18 13:16:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/01/09 19:09:30 | 000,001,284 | ---- | M] () -- C:\MP4debug.log
[2009/03/18 13:16:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/02 11:37:01 | 2449,948,672 | -HS- | M] () -- C:\pagefile.sys
[2002/12/06 15:02:00 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\pncrt.dll
[2009/01/09 17:30:48 | 000,004,747 | ---- | M] () -- C:\unins000.dat
[2003/11/28 05:00:00 | 000,075,922 | ---- | M] (Jordan Russell) -- C:\unins000.exe

< %systemroot%\Fonts\*.com >
[2006/11/02 13:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 13:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 13:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2011/03/31 18:33:06 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 22:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2007/01/29 05:05:52 | 000,102,400 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\lxdapp5c.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >

< %USERPROFILE%\Deskuop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-01 15:49:11

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2006/11/02 13:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 13:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_03bbc52176b6ba20\explorer.exe.mui

< MD5 for: EXPLORER.EXE-7A3328DA.PF >
[2011/04/02 12:00:38 | 000,200,846 | ---- | M] () MD5=EFAF4FFC37E8808347DA2A2572A664B3 -- C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf

< MD5 for: IEXPLORE.EXE >
[2009/01/15 05:14:36 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=0844F5B9CB3BB85A917D347EF1565B6C -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
[2009/11/21 07:42:38 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=1B6362BB14FCEB9E76BCF9A953B04788 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_120f459f2ff7e1f8\iexplore.exe
[2009/07/18 13:16:49 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1D5A01AA2DE47C052AF46D7EBCB003A3 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\iexplore.exe
[2009/07/18 22:39:09 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1D8163DBFECAEDB9C48C5F55084BC491 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\iexplore.exe
[2009/03/03 05:18:52 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=1DD66A2851DACDEC32EAE8F9A8865ABD -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21023_none_2df29b2236034119\iexplore.exe
[2009/04/24 17:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1F44940EF1D07D0BDAF80E55853DFBD0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe
[2010/02/23 16:06:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=25DB705A7DC85C208B3CF2D20F118AA7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_127872a6492dd595\iexplore.exe
[2009/04/11 07:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[2009/08/27 06:23:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=2E48756F12C21F46895036AC089AAD97 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\iexplore.exe
[2010/01/02 15:58:26 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=3D8DA00B028DEA9517066F1CECBFC4A2 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_128c11ea491f6b05\iexplore.exe
[2010/05/04 07:32:18 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=48A6109E8DF0365195298CC527B7426A -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_12d2cb5048e98eab\iexplore.exe
[2010/09/08 07:26:34 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4A719476A6393B1DCACFEB4F3AC6599C -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_129abb204913e7b2\iexplore.exe
[2009/07/22 07:04:09 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4B5AEA50CE77FBA4C2D169622DC9B489 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe
[2008/10/16 05:27:53 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=4CBA2F58668F2D5F3259CBE73E227F25 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20937_none_2debf43c36078f24\iexplore.exe
[2010/11/02 07:03:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5AB037B17F8A87D052F5A88E0D29A3C8 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_11f2d8e9300c984e\iexplore.exe
[2008/01/21 03:23:50 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
[2010/05/04 07:00:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5C9B1062EA7A44E8F6BFDE994B68C7AA -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_123d88132fd4bb60\iexplore.exe
[2010/06/26 07:06:48 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7420BE0E7D3D1320054F7ACA0594953D -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_1222e6c92fe9748f\iexplore.exe
[2010/12/18 08:19:44 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7852371DA9EFBC17B645558E23780EAC -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_12cacae648f0c11a\iexplore.exe
[2009/08/27 14:31:08 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=7DD482E4A2E3CBB0A72F718C342F5B75 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\iexplore.exe
[2009/07/18 13:16:45 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=7FCF4E704A48D95202F3E7A1E1A21412 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\iexplore.exe
[2010/01/02 07:40:20 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=88BD42DAE7CFFEB256CA7145A15E4843 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_11f6a4e9300acdd5\iexplore.exe
[2009/03/03 05:32:44 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=8BA2B7A05F88BE0D45237A0994AD8366 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22389_none_2f9e23da3354de78\iexplore.exe
[2010/11/02 08:13:47 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=92A17B0A89D14815AACC62CD190B6CE3 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_127449a04931a37b\iexplore.exe
[2009/03/03 05:40:22 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=9E6C1527D9A2C64BFD780AA23075380F -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18226_none_2f5265b91a094b03\iexplore.exe
[2010/02/23 07:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9F52FBE99C749E3F32C75124F09F1B03 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_124f26c32fc81e22\iexplore.exe
[2009/03/08 22:09:24 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
[2010/12/18 07:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=B988D7F127B94BD5BF8356FE81B985C4 -- C:\Program Files\Internet Explorer\iexplore.exe
[2010/12/18 07:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=B988D7F127B94BD5BF8356FE81B985C4 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_1249306b2fcbec08\iexplore.exe
[2009/07/21 22:53:43 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=C33BD196A0301F9B23D9A003D30ED8B0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe
[2009/04/24 17:03:18 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D5271AC4A06AD9D1E2EA0151B79B2657 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe
[2010/09/08 07:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=D5A730DFDEAE005373E62BC2A866E3BB -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_120477992ffffb10\iexplore.exe
[2009/04/24 17:01:36 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D6157423C117F24D24695866A1D0A93F -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe
[2008/10/16 05:42:58 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=D762642A109433EEDCD332B0A9511137 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16764_none_2d3ee4e91d04fa01\iexplore.exe
[2009/11/21 16:05:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=E7F8DF50E483D165BB01F367D3519AA7 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_12a4b2a0490c7f28\iexplore.exe
[2009/03/03 05:22:10 | 000,636,072 | ---- | M] (Microsoft Corporation) MD5=EA4BE33726155F89D89A3FE7142878E0 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16830_none_2d5b556b1cf03df9\iexplore.exe
[2009/07/18 12:55:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=EBEE9E4421F35CD861107DDA0266FBB1 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\iexplore.exe
[2010/06/26 07:52:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=F05B3A2C6CB319DD1377AD566CF5ECE5 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_12a958f24909fe6f\iexplore.exe
[2009/01/15 05:18:47 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=F0B1CA517977BA2FF6DA33F1B966C488 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
[2009/04/24 17:08:04 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=F294D8EEB05C835EC44A12CE0A1DFE7A -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2006/11/02 13:41:15 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_3b55b11a57da5590\iexplore.exe.mui
[2009/03/08 22:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 22:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_207795706a90d6c1\iexplore.exe.mui

< MD5 for: IEXPLORE.EXE-1B894AFB.PF >
[2011/04/01 18:47:45 | 000,209,318 | ---- | M] () MD5=1FFBCDE001CB053F2B644D0299D27F20 -- C:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2008/01/21 03:25:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2008/01/21 03:25:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_caf8918b0416723a\winlogon.exe.mui
[2006/11/02 13:40:50 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui

< MD5 for: WINLOGON.EXE-8163EECC.PF >
[2011/04/02 01:02:53 | 000,033,540 | ---- | M] () MD5=E1A7B00280C40B041738D9EBB78867DD -- C:\Windows\Prefetch\WINLOGON.EXE-8163EECC.pf

< MD5 for: WINLOGON.MOF >
[2006/09/18 22:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\System32\wbem\winlogon.mof
[2006/09/18 22:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof

========== Alternate Data Streams ==========

@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 02/04/2011 12:06:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\UltimoLee\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 66.14 Gb Free Space | 44.38% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: VJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1639CFB5-57C2-422D-AA68-0596AC2DC476}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdapswx.exe |
"{1E890BF5-599E-44EC-93A1-E1D9F31D9DB0}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{3EE111F7-1585-42D6-8FC5-A7CA9953B01C}" = protocol=6 | dir=in | app=c:\windows\system32\lxdacoms.exe |
"{4257CDA0-C586-4EBF-83A5-BD57E7B8AF97}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{4E3BC2FD-3D7D-45D7-BD20-C635C424E231}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{577AE97C-FDA6-4CE9-9A8A-1B2D2C925A54}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{5C2E9023-6362-48AB-A5A8-C9340A34AAEF}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6139DE7E-4865-4770-AAF7-61CF96EA8433}" = protocol=6 | dir=in | app=c:\program files\konami\pro evolution soccer 2008\pes2008.exe |
"{9C8C5190-5E08-4711-91ED-8DBA45BCDC3F}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{ACBF89D6-D00F-46A1-8079-4392BD305B00}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C1BAE1C5-7189-4CC6-99A8-2B07FF20BD71}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D7F3617B-AE69-46E6-902F-E894EF0D63E6}" = dir=in | app=c:\program files\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{DA64ED50-053E-4E53-8402-043D8F6B765F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F571D738-1649-498E-B1B8-7F3628BCDE91}" = protocol=17 | dir=in | app=c:\windows\system32\lxdacoms.exe |
"{F898DDBF-9D12-40A1-A6AF-C9775642D85D}" = protocol=17 | dir=in | app=c:\program files\konami\pro evolution soccer 2008\pes2008.exe |
"{FCF652B0-B858-446F-9A69-1A42D248A498}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdapswx.exe |
"TCP Query User{20C777A6-0D45-4F84-86D9-AB6F9D6D9970}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3EAF1F4D-ADF6-4E65-86B2-4E0F84D37CD8}C:\users\chughes\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\chughes\downloads\utorrent.exe |
"TCP Query User{6D0E48A2-106F-49BD-9A21-5C1156639BDB}C:\users\ultimolee\downloads\utorrent-1.8.2.upx.exe" = protocol=6 | dir=in | app=c:\users\ultimolee\downloads\utorrent-1.8.2.upx.exe |
"TCP Query User{728FB822-7833-4FB3-A5DD-3962382F2E31}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{82DE2037-1C5F-4BCA-9A35-FEB8288AA27D}C:\users\chughes\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\chughes\desktop\utorrent.exe |
"TCP Query User{A9DC45EF-E9D5-47EC-A54A-E9B2ED27D430}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{C3C0F0F7-FBD5-45B0-B053-7E51A6A6EBB8}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{C8CC6774-5CA2-466F-9F49-0E83C2102D77}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D88C3258-6AC4-46D1-9230-73623C8DE799}C:\program files\free music zilla\fmzilla.exe" = protocol=6 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"TCP Query User{E5690AD5-D590-4CEA-B390-9B36E3592F7A}C:\users\ultimolee\desktop\utorrent-1.8.2.upx.exe" = protocol=6 | dir=in | app=c:\users\ultimolee\desktop\utorrent-1.8.2.upx.exe |
"UDP Query User{1F6458CD-76C9-45A5-9F55-F8A2A0CD5745}C:\users\ultimolee\downloads\utorrent-1.8.2.upx.exe" = protocol=17 | dir=in | app=c:\users\ultimolee\downloads\utorrent-1.8.2.upx.exe |
"UDP Query User{2AD04F48-77F8-4CD0-9502-E6AE519A6B82}C:\users\ultimolee\desktop\utorrent-1.8.2.upx.exe" = protocol=17 | dir=in | app=c:\users\ultimolee\desktop\utorrent-1.8.2.upx.exe |
"UDP Query User{54EDFBE3-3F25-4A3D-94C8-42954A7A5566}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{628763CA-9C97-4A41-A1B3-18D103AAD62C}C:\program files\free music zilla\fmzilla.exe" = protocol=17 | dir=in | app=c:\program files\free music zilla\fmzilla.exe |
"UDP Query User{7C7214A0-7EA0-4F04-BB69-3C30A1EE3664}C:\users\chughes\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\chughes\downloads\utorrent.exe |
"UDP Query User{94D4AB4F-9CA1-441F-987D-B04F36A27BE1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C1E520D2-C586-4E1E-B8BE-672B33184448}C:\users\chughes\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\chughes\desktop\utorrent.exe |
"UDP Query User{C3290CF2-E1E5-4F7A-A66E-FF3A222103BB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{FBF68B1B-8C38-4FA3-8F56-5440B315BDEA}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{FDD187AC-1DCF-41B1-A206-FCBFA90298FC}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 21
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.6.10.170c
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.7.343
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E1C256F5-58C6-44E9-939A-E1189C8126E2}" = Google SketchUp Pro 7
"{E47D2974-AA5E-FlvAVI-B984-3CA48DFA2849}_is1" = FLAV FLV to AVI Converter 2.58.16
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"Celtx (2.0)" = Celtx (2.0)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Internet Security" = COMODO Internet Security
"DivX Setup.divx.com" = DivX Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"FastImageResizer" = FastImageResizer (remove only)
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"Kingdia Video to AVI DIVX WMV DVD MOV ASF MPEG F~648C5368_is1" = Kingdia Video to AVI DIVX WMV DVD MOV ASF MPEG FLV Converter V1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.5
"Lexmark 640 Series" = Lexmark 640 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"My.Freeze.com Toolbar" = My.Freeze.com Toolbar
"NSS" = Norton Security Scan
"PeerGuardian_is1" = PeerGuardian 2.0
"RealPlayer 6.0" = RealPlayer
"Softonic_English Toolbar" = Softonic_English Toolbar
"Spotify" = Spotify
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"The Rosetta Stone" = The Rosetta Stone
"UltraISO_is1" = UltraISO Premium V9.35
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 1.0.0-rc3
"VobSub" = VobSub v2.23 (Remove Only)
"Vodei Multimedia Processor" = Vodei Multimedia Processor 2.10
"Win AVI HelixSDK_is1" = Win AVI HelixSDK
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 01/04/2011 11:48:01 | Computer Name = Home-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 01/04/2011 11:48:10 | Computer Name = Home-PC | Source = VSS | ID = 12289
Description =

Error - 01/04/2011 11:48:11 | Computer Name = Home-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 01/04/2011 11:48:13 | Computer Name = Home-PC | Source = VSS | ID = 12289
Description =

Error - 01/04/2011 15:24:32 | Computer Name = Home-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.3846 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: e88 Start Time: 01cbf07fa9b29120 Termination Time: 20341

Error - 01/04/2011 17:42:32 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/04/2011 06:38:51 | Computer Name = Home-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/04/2011 06:48:09 | Computer Name = Home-PC | Source = Application Error | ID = 1000
Description = Faulting application f7pmgey4.exe, version 1.0.15.15570, time stamp
0x4d86265c, faulting module f7pmgey4.exe, version 1.0.15.15570, time stamp 0x4d86265c,
exception code 0xc0000005, fault offset 0x0000c676, process id 0xdd8, application
start time 0x01cbf122f3754bc8.

Error - 02/04/2011 06:57:08 | Computer Name = Home-PC | Source = Perflib | ID = 1010
Description =

Error - 02/04/2011 07:07:04 | Computer Name = Home-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ System Events ]
Error - 31/03/2011 20:36:51 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/04/2011 06:18:36 | Computer Name = Home-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 001EC9643772 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 01/04/2011 06:20:13 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/04/2011 06:40:10 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =

Error - 01/04/2011 06:43:09 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/04/2011 11:14:33 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/04/2011 17:42:33 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 01/04/2011 20:02:55 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =

Error - 02/04/2011 06:37:20 | Computer Name = Home-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 001EC9643772 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 02/04/2011 06:38:51 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7026
Description =

< End of report >

#15 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 02 April 2011 - 11:39 AM

Hi Ultilee Stupid,

µTorrent
You have LimeWire, a P2P/file sharing program installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

References for the risk of these programs can be found in these links:
http://www.microsoft...protection.mspx

http://www.internetw...cles/art053.htm

I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove this program, you can do so via Control Panel

Depending on your setings, either

click on the Uninstall a program option under the Programs category.
If you are using the Classic View of the Control Panel, then you would double-click on the Programs and Features icon instead.

If you wish to keep it, please do not use it until your computer is cleaned.

Next

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
Right click on ComboFix.exe, click Run as Administrator & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with the combofix log.

Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

Body Background

skin color theme