Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Mtusx9

Análise de log

Recommended Posts

Pc lento e seta do mouse mexendo sozinha

DDS (Ver_10-12-12.02) - NTFSx86

Run by User at 22:49:39,26 on seg 07/03/2011

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.959.571 [GMT -3:00]

AV: Avira AntiVir PersonalEdition *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

FW: COMODO Firewall *Disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

svchost.exe

C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Facilitador de Leitor de Link Adobe PDF: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\arquivos de programas\real\realplayer\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_BHO.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VTTimer] VTTimer.exe

mRun: [VTTrayp] VTtrayp.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [iSUSScheduler] "c:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start

mRun: [avgnt] "c:\arquivos de programas\avira\antivir personaledition classic\avgnt.exe" /min

mRun: [iSUSPM Startup] c:\arquiv~1\arquiv~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [COMODO Internet Security] "c:\arquivos de programas\comodo\comodo internet security\cfp.exe" -h

mRun: [Emurayden PSX Emulator]

mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"

mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\arquivos de programas\hp\digital imaging\bin\hpqSRMon.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\arquiv~1\arquiv~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\user\menuin~1\progra~1\inicia~1\imvu.lnk - c:\documents and settings\user\dados de aplicativos\imvuclient\IMVUQualityAgent.exe

StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - c:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\user\menu iniciar\programas\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

TCP: {D16667CF-5B7D-41B2-9531-58289F21F6E7} = 200.175.89.139,200.175.5.139

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\dadosd~1\mozilla\firefox\profiles\6vmzx1sc.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

FF - plugin: c:\arquivos de programas\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\arquivos de programas\mozilla firefox\plugins\NPplaynet.dll

FF - plugin: c:\documents and settings\all users\dados de aplicativos\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\documents and settings\user\configuraã§ãµes locais\dados de aplicativos\unity\webplayer\loader\npUnity3D32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard

============= SERVICES / DRIVERS ===============

R0 94520242;94520242 Boot Guard Driver;c:\windows\system32\drivers\94520242.sys [2010-8-2 37392]

R1 69159721;69159721;c:\windows\system32\drivers\69159721.sys [2010-8-2 128016]

R1 94520241;94520241;c:\windows\system32\drivers\94520241.sys [2010-8-2 128016]

R1 avgio;avgio;c:\arquivos de programas\avira\antivir personaledition classic\avgio.sys [2008-12-22 11608]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-6-4 239240]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 25240]

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\arquivos de programas\avira\antivir personaledition classic\sched.exe [2008-12-22 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\arquivos de programas\avira\antivir personaledition classic\avguard.exe [2008-12-22 151297]

R2 cmdAgent;COMODO Internet Security Helper Service;c:\arquivos de programas\comodo\comodo internet security\cmdagent.exe [2010-6-1 1901056]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-26 50704]

R2 Wi2GeoMagicScanner;Wi2Geo Magic Scanner;c:\arquivos de programas\wi2geo\magic scanner\Wi2Geo.MagicScanner.exe [2009-3-18 616960]

R3 avgntflt;avgntflt;c:\arquivos de programas\avira\antivir personaledition classic\avgntflt.sys [2008-12-22 52056]

S0 69159722;69159722 Boot Guard Driver;c:\windows\system32\drivers\69159722.sys --> c:\windows\system32\drivers\69159722.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2011-1-6 136176]

S3 ddsxeiservice;ddsxeiservice2;\??\c:\arquivos de programas\sxe injected\ddsxei.sys --> c:\arquivos de programas\sxe injected\ddsxei.sys [?]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-5-30 13224]

S3 PAC207;SoC PC-Camera Beta3;c:\windows\system32\drivers\pfc027.sys [2005-2-24 162176]

S3 UXDCMN;UXDCMN;\??\d:\uxdcmn.sys --> d:\UXDCMN.SYS [?]

S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]

S3 XDva353;XDva353;\??\c:\windows\system32\xdva353.sys --> c:\windows\system32\XDva353.sys [?]

S3 XDva359;XDva359;\??\c:\windows\system32\xdva359.sys --> c:\windows\system32\XDva359.sys [?]

S3 XDva380;XDva380;\??\c:\windows\system32\xdva380.sys --> c:\windows\system32\XDva380.sys [?]

S3 XDva383;XDva383;\??\c:\windows\system32\xdva383.sys --> c:\windows\system32\XDva383.sys [?]

S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]

=============== Created Last 30 ================

2011-03-07 13:43:04 -------- d-sh--w- C:\found.000

==================== Find3M ====================

2010-12-16 18:09:26 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2010-12-16 18:09:26 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2010-01-26 13:11:08 444283 ----a-w- c:\arquivos de programas\arquivos comuns\WinPcapNmap.exe

============= FINISH: 22:50:42,68 ===============

Compartilhar este post


Link para o post
Compartilhar em outros sites

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 19/8/2008 16:37:32

System Uptime: 7/3/2011 21:40:14 (1 hours ago)

Motherboard: PCCHIPS | | P23G

Processor: Intel® Pentium® 4 CPU 2.66GHz | CPU 1 | 2666/133mhz

==== Disk Partitions =========================

A: is Removable

C: is FIXED (NTFS) - 37 GiB total, 11,517 GiB free.

D: is CDROM ()

E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

32 Bit HP CIO Components Installer

Adobe Acrobat 5.0

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.0 - Português

Adobe Shockwave Player 11.5

Assistente de Conexão do Windows Live

Atualização Crítica para o Windows Media Player 11 (KB959772)

Atualização de Segurança para o Windows Media Player (KB952069)

Atualização de Segurança para o Windows Media Player (KB954155)

Atualização de Segurança para o Windows Media Player (KB968816)

Atualização de Segurança para o Windows Media Player (KB973540)

Atualização de Segurança para o Windows Media Player (KB978695)

Atualização de Segurança para o Windows Media Player 11 (KB936782)

Atualização de Segurança para o Windows Media Player 11 (KB954154)

Atualização de Segurança para Windows Internet Explorer 7 (KB2183461)

Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)

Atualização de Segurança para Windows Internet Explorer 7 (KB953838)

Atualização de Segurança para Windows Internet Explorer 7 (KB972260)

Atualização de Segurança para Windows Internet Explorer 7 (KB974455)

Atualização de Segurança para Windows Internet Explorer 7 (KB976325)

Atualização de Segurança para Windows Internet Explorer 7 (KB978207)

Atualização de Segurança para Windows Internet Explorer 7 (KB982381)

Atualização de Segurança para Windows XP (KB2079403)

Atualização de Segurança para Windows XP (KB2160329)

Atualização de Segurança para Windows XP (KB2229593)

Atualização de Segurança para Windows XP (KB2286198)

Atualização de Segurança para Windows XP (KB2347290)

Atualização de Segurança para Windows XP (KB923561)

Atualização de Segurança para Windows XP (KB923689)

Atualização de Segurança para Windows XP (KB938464-v2)

Atualização de Segurança para Windows XP (KB941569)

Atualização de Segurança para Windows XP (KB950762)

Atualização de Segurança para Windows XP (KB950974)

Atualização de Segurança para Windows XP (KB951066)

Atualização de Segurança para Windows XP (KB951376-v2)

Atualização de Segurança para Windows XP (KB951698)

Atualização de Segurança para Windows XP (KB951748)

Atualização de Segurança para Windows XP (KB952004)

Atualização de Segurança para Windows XP (KB952954)

Atualização de Segurança para Windows XP (KB953839)

Atualização de Segurança para Windows XP (KB954459)

Atualização de Segurança para Windows XP (KB954600)

Atualização de Segurança para Windows XP (KB955069)

Atualização de Segurança para Windows XP (KB956572)

Atualização de Segurança para Windows XP (KB956744)

Atualização de Segurança para Windows XP (KB956802)

Atualização de Segurança para Windows XP (KB956803)

Atualização de Segurança para Windows XP (KB956844)

Atualização de Segurança para Windows XP (KB957097)

Atualização de Segurança para Windows XP (KB958644)

Atualização de Segurança para Windows XP (KB958687)

Atualização de Segurança para Windows XP (KB958869)

Atualização de Segurança para Windows XP (KB959426)

Atualização de Segurança para Windows XP (KB960225)

Atualização de Segurança para Windows XP (KB960803)

Atualização de Segurança para Windows XP (KB960859)

Atualização de Segurança para Windows XP (KB961371)

Atualização de Segurança para Windows XP (KB961501)

Atualização de Segurança para Windows XP (KB968537)

Atualização de Segurança para Windows XP (KB969059)

Atualização de Segurança para Windows XP (KB969947)

Atualização de Segurança para Windows XP (KB970238)

Atualização de Segurança para Windows XP (KB970430)

Atualização de Segurança para Windows XP (KB971468)

Atualização de Segurança para Windows XP (KB971486)

Atualização de Segurança para Windows XP (KB971557)

Atualização de Segurança para Windows XP (KB971633)

Atualização de Segurança para Windows XP (KB971657)

Atualização de Segurança para Windows XP (KB971961)

Atualização de Segurança para Windows XP (KB972270)

Atualização de Segurança para Windows XP (KB973346)

Atualização de Segurança para Windows XP (KB973354)

Atualização de Segurança para Windows XP (KB973507)

Atualização de Segurança para Windows XP (KB973525)

Atualização de Segurança para Windows XP (KB973869)

Atualização de Segurança para Windows XP (KB973904)

Atualização de Segurança para Windows XP (KB974112)

Atualização de Segurança para Windows XP (KB974318)

Atualização de Segurança para Windows XP (KB974392)

Atualização de Segurança para Windows XP (KB974571)

Atualização de Segurança para Windows XP (KB975025)

Atualização de Segurança para Windows XP (KB975467)

Atualização de Segurança para Windows XP (KB975560)

Atualização de Segurança para Windows XP (KB975561)

Atualização de Segurança para Windows XP (KB975562)

Atualização de Segurança para Windows XP (KB975713)

Atualização de Segurança para Windows XP (KB977165-v2)

Atualização de Segurança para Windows XP (KB977816)

Atualização de Segurança para Windows XP (KB977914)

Atualização de Segurança para Windows XP (KB978037)

Atualização de Segurança para Windows XP (KB978251)

Atualização de Segurança para Windows XP (KB978262)

Atualização de Segurança para Windows XP (KB978338)

Atualização de Segurança para Windows XP (KB978542)

Atualização de Segurança para Windows XP (KB978601)

Atualização de Segurança para Windows XP (KB978706)

Atualização de Segurança para Windows XP (KB979309)

Atualização de Segurança para Windows XP (KB979482)

Atualização de Segurança para Windows XP (KB979559)

Atualização de Segurança para Windows XP (KB979683)

Atualização de Segurança para Windows XP (KB980195)

Atualização de Segurança para Windows XP (KB980218)

Atualização de Segurança para Windows XP (KB980232)

Atualização de Segurança para Windows XP (KB980436)

Atualização de Segurança para Windows XP (KB981322)

Atualização de Segurança para Windows XP (KB981349)

Atualização de Segurança para Windows XP (KB981852)

Atualização de Segurança para Windows XP (KB981997)

Atualização de Segurança para Windows XP (KB982214)

Atualização de Segurança para Windows XP (KB982665)

Atualização para Windows Internet Explorer 7 (KB976749)

Atualização para Windows Internet Explorer 7 (KB980182)

Atualização para Windows XP (KB2141007)

Atualização para Windows XP (KB898461)

Atualização para Windows XP (KB951072-v2)

Atualização para Windows XP (KB951978)

Atualização para Windows XP (KB955759)

Atualização para Windows XP (KB955839)

Atualização para Windows XP (KB960763)

Atualização para Windows XP (KB961503)

Atualização para Windows XP (KB967715)

Atualização para Windows XP (KB968389)

Atualização para Windows XP (KB971737)

Atualização para Windows XP (KB973687)

Atualização para Windows XP (KB973815)

Avira AntiVir Personal - Free Antivirus

BufferChm

Call of Duty® 4 - Modern Warfare 1.4 Patch

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch

Call of Duty® 4 - Modern Warfare 1.5 Patch

CCleaner (remove only)

COMODO Internet Security

Compatibility Pack for the 2007 Office system

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F4200_ProductContext

DJ_AIO_03_F4200_Software

DJ_AIO_03_F4200_Software_Min

Driver Detective

EPSON Printer Software

eSupportQFolder

F4200

F4200_Help

Ferramenta de Carregamento do Windows Live

Google Earth

Google Update Helper

GPBaseService

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

Hotfix para o Windows Media Player 11 (KB939683)

Hotfix para Windows XP (KB952287)

Hotfix para Windows XP (KB961118)

Hotfix para Windows XP (KB970653-v3)

Hotfix para Windows XP (KB976098-v2)

Hotfix para Windows XP (KB979306)

Hotfix para Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HPProductAssistant

HPSSupply

IRPF2010 - Declaração de Ajuste Anual e Final de Espólio

Java Auto Updater

Java 6 Update 22

K-Lite Codec Pack 2.81 Full

Magic Scanner

Malwarebytes' Anti-Malware

MarketResearch

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office PowerPoint 2003 Template Pack 1

Microsoft Office Professional Edição 2003

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

ModernForex

Mozilla Firefox (3.6.14)

MSVCRT

MSVCSetup

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

MZ Manager 2

Nero Suite

On-line Help Console

OpenAL

PC Camera

PCI SoftV92 Modem

Platform

Power Tab Editor 1.7

Priston Tale Brasil

PSSWCORE

RealPlayer

Realtek AC'97 Audio

Receitanet Java 2010.02b

Scan

Segoe UI

Shop for HP Supplies

SmartWebPrinting

SolutionCenter

Status

System Requirements Lab

Tibia

Toolbox

TrayApp

Turok 2: Seeds of Evil

Unity Web Player

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update Manager

VDownloader 0.83

VDownloader 3.0.720

VIA Platform Device Manager

VIA Rhine-Family Fast Ethernet Adapter

VIA/S3G Display Driver 6.14.10.0343

VideoToolkit01

WebFldrs XP

WebReg

WinDirStat 1.1.2

Windows 7 Upgrade Advisor

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 7

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

WinPcap 4.1.1

WinRAR archiver

==== End Of File ===========================

Compartilhar este post


Link para o post
Compartilhar em outros sites

GMER deu um arquivo enorme e não consigo postar..o que faço?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Você leu o tópico "Leia Antes de Postar"?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Li sim sobre as instruçoes

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bem, veja que pedimos para não responder o próprio tópico enquanto estiver com 0 resposta. Isso apenas atrasa mais a ajuda.

Poste novo log do DDS e poste o log do GMER dividido em vários posts.

Compartilhar este post


Link para o post
Compartilhar em outros sites

DDS (Ver_10-12-12.02) - NTFSx86

Run by User at 13:27:43,50 on seg 14/03/2011

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.959.547 [GMT -3:00]

AV: Avira AntiVir PersonalEdition *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

FW: COMODO Firewall *Disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

svchost.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe

C:\WINDOWS\System32\PAStiSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Facilitador de Leitor de Link Adobe PDF: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\arquivos de programas\real\realplayer\rpbrowserrecordplugin.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_BHO.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [VTTimer] VTTimer.exe

mRun: [VTTrayp] VTtrayp.exe

mRun: [soundMan] SOUNDMAN.EXE

mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [iSUSScheduler] "c:\arquivos de programas\arquivos comuns\installshield\updateservice\issch.exe" -start

mRun: [avgnt] "c:\arquivos de programas\avira\antivir personaledition classic\avgnt.exe" /min

mRun: [iSUSPM Startup] c:\arquiv~1\arquiv~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [COMODO Internet Security] "c:\arquivos de programas\comodo\comodo internet security\cfp.exe" -h

mRun: [Emurayden PSX Emulator]

mRun: [sunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"

mRun: [HP Software Update] c:\arquivos de programas\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\arquivos de programas\hp\digital imaging\bin\hpqSRMon.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [DWQueuedReporting] "c:\arquiv~1\arquiv~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\user\menuin~1\progra~1\inicia~1\imvu.lnk - c:\documents and settings\user\dados de aplicativos\imvuclient\IMVUQualityAgent.exe

StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - c:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\user\menu iniciar\programas\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\arquivos de programas\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/mjss/MJSS.cab109791.cab

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} - hxxp://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

TCP: {D16667CF-5B7D-41B2-9531-58289F21F6E7} = 200.175.89.139,200.175.5.139

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\dadosd~1\mozilla\firefox\profiles\6vmzx1sc.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

FF - plugin: c:\arquivos de programas\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\arquivos de programas\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\arquivos de programas\mozilla firefox\plugins\NPplaynet.dll

FF - plugin: c:\documents and settings\all users\dados de aplicativos\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\documents and settings\user\configuraã§ãµes locais\dados de aplicativos\unity\webplayer\loader\npUnity3D32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard

============= SERVICES / DRIVERS ===============

R0 94520242;94520242 Boot Guard Driver;c:\windows\system32\drivers\94520242.sys [2010-8-2 37392]

R1 69159721;69159721;c:\windows\system32\drivers\69159721.sys [2010-8-2 128016]

R1 94520241;94520241;c:\windows\system32\drivers\94520241.sys [2010-8-2 128016]

R1 avgio;avgio;c:\arquivos de programas\avira\antivir personaledition classic\avgio.sys [2008-12-22 11608]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-6-4 239240]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 25240]

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\arquivos de programas\avira\antivir personaledition classic\sched.exe [2008-12-22 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\arquivos de programas\avira\antivir personaledition classic\avguard.exe [2008-12-22 151297]

R2 cmdAgent;COMODO Internet Security Helper Service;c:\arquivos de programas\comodo\comodo internet security\cmdagent.exe [2010-6-1 1901056]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-1-26 50704]

R2 Wi2GeoMagicScanner;Wi2Geo Magic Scanner;c:\arquivos de programas\wi2geo\magic scanner\Wi2Geo.MagicScanner.exe [2009-3-18 616960]

R3 avgntflt;avgntflt;c:\arquivos de programas\avira\antivir personaledition classic\avgntflt.sys [2008-12-22 52056]

S0 69159722;69159722 Boot Guard Driver;c:\windows\system32\drivers\69159722.sys --> c:\windows\system32\drivers\69159722.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\arquivos de programas\google\update\GoogleUpdate.exe [2011-1-6 136176]

S3 ddsxeiservice;ddsxeiservice2;\??\c:\arquivos de programas\sxe injected\ddsxei.sys --> c:\arquivos de programas\sxe injected\ddsxei.sys [?]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-5-30 13224]

S3 PAC207;SoC PC-Camera Beta3;c:\windows\system32\drivers\pfc027.sys [2005-2-24 162176]

S3 UXDCMN;UXDCMN;\??\d:\uxdcmn.sys --> d:\UXDCMN.SYS [?]

S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]

S3 XDva353;XDva353;\??\c:\windows\system32\xdva353.sys --> c:\windows\system32\XDva353.sys [?]

S3 XDva359;XDva359;\??\c:\windows\system32\xdva359.sys --> c:\windows\system32\XDva359.sys [?]

S3 XDva380;XDva380;\??\c:\windows\system32\xdva380.sys --> c:\windows\system32\XDva380.sys [?]

S3 XDva383;XDva383;\??\c:\windows\system32\xdva383.sys --> c:\windows\system32\XDva383.sys [?]

S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]

=============== Created Last 30 ================

2011-03-07 13:43:04 -------- d-sh--w- C:\found.000

==================== Find3M ====================

2010-12-16 18:09:26 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2010-12-16 18:09:26 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2010-01-26 13:11:08 444283 ----a-w- c:\arquivos de programas\arquivos comuns\WinPcapNmap.exe

============= FINISH: 13:29:14,65 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 19/8/2008 16:37:32

System Uptime: 14/3/2011 12:53:26 (1 hours ago)

Motherboard: PCCHIPS | | P23G

Processor: Intel® Pentium® 4 CPU 2.66GHz | CPU 1 | 2666/133mhz

==== Disk Partitions =========================

A: is Removable

C: is FIXED (NTFS) - 37 GiB total, 10,511 GiB free.

D: is CDROM ()

E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

32 Bit HP CIO Components Installer

Adobe Acrobat 5.0

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.0 - Português

Adobe Shockwave Player 11.5

Assistente de Conexão do Windows Live

Atualização Crítica para o Windows Media Player 11 (KB959772)

Atualização de Segurança para o Windows Media Player (KB952069)

Atualização de Segurança para o Windows Media Player (KB954155)

Atualização de Segurança para o Windows Media Player (KB968816)

Atualização de Segurança para o Windows Media Player (KB973540)

Atualização de Segurança para o Windows Media Player (KB978695)

Atualização de Segurança para o Windows Media Player 11 (KB936782)

Atualização de Segurança para o Windows Media Player 11 (KB954154)

Atualização de Segurança para Windows Internet Explorer 7 (KB2183461)

Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)

Atualização de Segurança para Windows Internet Explorer 7 (KB953838)

Atualização de Segurança para Windows Internet Explorer 7 (KB972260)

Atualização de Segurança para Windows Internet Explorer 7 (KB974455)

Atualização de Segurança para Windows Internet Explorer 7 (KB976325)

Atualização de Segurança para Windows Internet Explorer 7 (KB978207)

Atualização de Segurança para Windows Internet Explorer 7 (KB982381)

Atualização de Segurança para Windows XP (KB2079403)

Atualização de Segurança para Windows XP (KB2160329)

Atualização de Segurança para Windows XP (KB2229593)

Atualização de Segurança para Windows XP (KB2286198)

Atualização de Segurança para Windows XP (KB2347290)

Atualização de Segurança para Windows XP (KB923561)

Atualização de Segurança para Windows XP (KB923689)

Atualização de Segurança para Windows XP (KB938464-v2)

Atualização de Segurança para Windows XP (KB941569)

Atualização de Segurança para Windows XP (KB950762)

Atualização de Segurança para Windows XP (KB950974)

Atualização de Segurança para Windows XP (KB951066)

Atualização de Segurança para Windows XP (KB951376-v2)

Atualização de Segurança para Windows XP (KB951698)

Atualização de Segurança para Windows XP (KB951748)

Atualização de Segurança para Windows XP (KB952004)

Atualização de Segurança para Windows XP (KB952954)

Atualização de Segurança para Windows XP (KB953839)

Atualização de Segurança para Windows XP (KB954459)

Atualização de Segurança para Windows XP (KB954600)

Atualização de Segurança para Windows XP (KB955069)

Atualização de Segurança para Windows XP (KB956572)

Atualização de Segurança para Windows XP (KB956744)

Atualização de Segurança para Windows XP (KB956802)

Atualização de Segurança para Windows XP (KB956803)

Atualização de Segurança para Windows XP (KB956844)

Atualização de Segurança para Windows XP (KB957097)

Atualização de Segurança para Windows XP (KB958644)

Atualização de Segurança para Windows XP (KB958687)

Atualização de Segurança para Windows XP (KB958869)

Atualização de Segurança para Windows XP (KB959426)

Atualização de Segurança para Windows XP (KB960225)

Atualização de Segurança para Windows XP (KB960803)

Atualização de Segurança para Windows XP (KB960859)

Atualização de Segurança para Windows XP (KB961371)

Atualização de Segurança para Windows XP (KB961501)

Atualização de Segurança para Windows XP (KB968537)

Atualização de Segurança para Windows XP (KB969059)

Atualização de Segurança para Windows XP (KB969947)

Atualização de Segurança para Windows XP (KB970238)

Atualização de Segurança para Windows XP (KB970430)

Atualização de Segurança para Windows XP (KB971468)

Atualização de Segurança para Windows XP (KB971486)

Atualização de Segurança para Windows XP (KB971557)

Atualização de Segurança para Windows XP (KB971633)

Atualização de Segurança para Windows XP (KB971657)

Atualização de Segurança para Windows XP (KB971961)

Atualização de Segurança para Windows XP (KB972270)

Atualização de Segurança para Windows XP (KB973346)

Atualização de Segurança para Windows XP (KB973354)

Atualização de Segurança para Windows XP (KB973507)

Atualização de Segurança para Windows XP (KB973525)

Atualização de Segurança para Windows XP (KB973869)

Atualização de Segurança para Windows XP (KB973904)

Atualização de Segurança para Windows XP (KB974112)

Atualização de Segurança para Windows XP (KB974318)

Atualização de Segurança para Windows XP (KB974392)

Atualização de Segurança para Windows XP (KB974571)

Atualização de Segurança para Windows XP (KB975025)

Atualização de Segurança para Windows XP (KB975467)

Atualização de Segurança para Windows XP (KB975560)

Atualização de Segurança para Windows XP (KB975561)

Atualização de Segurança para Windows XP (KB975562)

Atualização de Segurança para Windows XP (KB975713)

Atualização de Segurança para Windows XP (KB977165-v2)

Atualização de Segurança para Windows XP (KB977816)

Atualização de Segurança para Windows XP (KB977914)

Atualização de Segurança para Windows XP (KB978037)

Atualização de Segurança para Windows XP (KB978251)

Atualização de Segurança para Windows XP (KB978262)

Atualização de Segurança para Windows XP (KB978338)

Atualização de Segurança para Windows XP (KB978542)

Atualização de Segurança para Windows XP (KB978601)

Atualização de Segurança para Windows XP (KB978706)

Atualização de Segurança para Windows XP (KB979309)

Atualização de Segurança para Windows XP (KB979482)

Atualização de Segurança para Windows XP (KB979559)

Atualização de Segurança para Windows XP (KB979683)

Atualização de Segurança para Windows XP (KB980195)

Atualização de Segurança para Windows XP (KB980218)

Atualização de Segurança para Windows XP (KB980232)

Atualização de Segurança para Windows XP (KB980436)

Atualização de Segurança para Windows XP (KB981322)

Atualização de Segurança para Windows XP (KB981349)

Atualização de Segurança para Windows XP (KB981852)

Atualização de Segurança para Windows XP (KB981997)

Atualização de Segurança para Windows XP (KB982214)

Atualização de Segurança para Windows XP (KB982665)

Atualização para Windows Internet Explorer 7 (KB976749)

Atualização para Windows Internet Explorer 7 (KB980182)

Atualização para Windows XP (KB2141007)

Atualização para Windows XP (KB898461)

Atualização para Windows XP (KB951072-v2)

Atualização para Windows XP (KB951978)

Atualização para Windows XP (KB955759)

Atualização para Windows XP (KB955839)

Atualização para Windows XP (KB960763)

Atualização para Windows XP (KB961503)

Atualização para Windows XP (KB967715)

Atualização para Windows XP (KB968389)

Atualização para Windows XP (KB971737)

Atualização para Windows XP (KB973687)

Atualização para Windows XP (KB973815)

Avira AntiVir Personal - Free Antivirus

BufferChm

Call of Duty® 4 - Modern Warfare 1.4 Patch

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch

Call of Duty® 4 - Modern Warfare 1.5 Patch

CCleaner (remove only)

COMODO Internet Security

Compatibility Pack for the 2007 Office system

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DJ_AIO_03_F4200_ProductContext

DJ_AIO_03_F4200_Software

DJ_AIO_03_F4200_Software_Min

Driver Detective

EPSON Printer Software

eSupportQFolder

F4200

F4200_Help

Ferramenta de Carregamento do Windows Live

Google Earth

Google Update Helper

GPBaseService

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

Hotfix para o Windows Media Player 11 (KB939683)

Hotfix para Windows XP (KB952287)

Hotfix para Windows XP (KB961118)

Hotfix para Windows XP (KB970653-v3)

Hotfix para Windows XP (KB976098-v2)

Hotfix para Windows XP (KB979306)

Hotfix para Windows XP (KB981793)

HP Customer Participation Program 10.0

HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3

HP Imaging Device Functions 10.0

HP Photosmart Essential 2.5

HP Smart Web Printing

HP Solution Center 10.0

HP Update

HPProductAssistant

HPSSupply

IRPF2010 - Declaração de Ajuste Anual e Final de Espólio

Java Auto Updater

Java 6 Update 22

K-Lite Codec Pack 2.81 Full

Magic Scanner

Malwarebytes' Anti-Malware

MarketResearch

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office PowerPoint 2003 Template Pack 1

Microsoft Office Professional Edição 2003

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox (3.6.15)

MSVCRT

MSVCSetup

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

MZ Manager 2

Nero Suite

On-line Help Console

OpenAL

PC Camera

PCI SoftV92 Modem

Platform

Power Tab Editor 1.7

Priston Tale Brasil

PSSWCORE

RealPlayer

Realtek AC'97 Audio

Receitanet Java 2010.02b

Scan

Segoe UI

Shop for HP Supplies

SmartWebPrinting

SolutionCenter

Status

System Requirements Lab

Tibia

Toolbox

TrayApp

Turok 2: Seeds of Evil

Unity Web Player

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update Manager

VDownloader 0.83

VDownloader 3.0.720

VIA Platform Device Manager

VIA Rhine-Family Fast Ethernet Adapter

VIA/S3G Display Driver 6.14.10.0343

VideoToolkit01

WebFldrs XP

WebReg

WinDirStat 1.1.2

Windows 7 Upgrade Advisor

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 7

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

WinPcap 4.1.1

WinRAR archiver

==== End Of File ===========================

Compartilhar este post


Link para o post
Compartilhar em outros sites

GMER 1.0.15.15530 - http://www.gmer.net

Rootkit scan 2011-03-09 17:14:03

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-1b WDC_WD400BB-00JHC0 rev.05.01C05

Running: gmer.exe; Driver: C:\DOCUME~1\User\CONFIG~1\Temp\kwacraod.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0xF55927B6]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0xF5591D66]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0xF559241C]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateKey [0xF559302A]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0xF5591C42]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0xF55950E8]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0xF559546E]

SSDT F7E2DE8C ZwCreateThread

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteKey [0xF55929A2]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDeleteValueKey [0xF5592BA2]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0xF5591434]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateKey [0xF5593768]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwEnumerateValueKey [0xF55939BE]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0xF5594AF8]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0xF5591FFE]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0xF55925F8]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenKey [0xF559301A]

SSDT F7E2DE78 ZwOpenProcess

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0xF55922A2]

SSDT F7E2DE7D ZwOpenThread

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryKey [0xF5593BCC]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryMultipleValueKey [0xF5594020]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwQueryValueKey [0xF5593DDE]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRenameKey [0xF5593580]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0xF5594590]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0xF5594844]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSecurityObject [0xF5592DF2]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0xF5594DF0]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetValueKey [0xF55932F8]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0xF5591F98]

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0xF559218E]

SSDT F7E2DE87 ZwTerminateProcess

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0xF5591832]

SSDT F7E2DE82 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 78 804E26E4 2 Bytes [b6, 27] {MOV DH, 0x27}

.text ntoskrnl.exe!_abnormal_termination + 7B 804E26E7 1 Byte [F5]

.text ntoskrnl.exe!_abnormal_termination + 104 804E2770 2 Bytes [42, 1C]

.text ntoskrnl.exe!_abnormal_termination + 107 804E2773 1 Byte [F5]

.text ntoskrnl.exe!_abnormal_termination + 114 804E2780 4 Bytes CALL A14380D5

.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe[144] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\ctfmon.exe[280] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe[288] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE[312] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[580] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\services.exe[736] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] WS2_32.dll!WSASocketW 71A7404E 7 Bytes JMP 1002C920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] WS2_32.dll!WSASocketA 71A78B6A 5 Bytes JMP 1002C940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\lsass.exe[748] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\svchost.exe[812] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] WININET.dll!InternetConnectA 3FA6B0D2 5 Bytes JMP 1002C980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe[880] WININET.dll!InternetConnectW 3FA6C2C0 5 Bytes JMP 1002C960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[904] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1004] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1080] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe[1096] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 005017E0 C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe[1096] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 005181B0 C:\Arquivos de programas\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1136] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] shell32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] shell32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] shell32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Documents and Settings\User\Desktop\gmer.exe[1248] shell32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1256] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe[1364] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] WININET.dll!InternetConnectA 3FA6B0D2 5 Bytes JMP 1002C980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1424] WININET.dll!InternetConnectW 3FA6C2C0 5 Bytes JMP 1002C960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[1512] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe[1564] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] WS2_32.dll!WSASocketW 71A7404E 7 Bytes JMP 1002C920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] WS2_32.dll!WSASocketA 71A78B6A 5 Bytes JMP 1002C940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Java\jre6\bin\jqs.exe[1636] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

Editado por Mtusx9

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] WININET.dll!InternetConnectA 3FA6B0D2 5 Bytes JMP 1002C980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] WININET.dll!InternetConnectW 3FA6C2C0 5 Bytes JMP 1002C960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\Explorer.EXE[1684] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] WININET.dll!InternetConnectA 3FA6B0D2 5 Bytes JMP 1002C980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\spoolsv.exe[1820] WININET.dll!InternetConnectW 3FA6C2C0 5 Bytes JMP 1002C960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTTimer.exe[1904] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\VTtrayp.exe[1912] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\SOUNDMAN.EXE[1920] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe[1936] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 009ECE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 009DCD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 009ECDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 009ECE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 009ECE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 009ECE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 009EC490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 009ECDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 009ECDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 009EC440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 009ECD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 009ECD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 009ECE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 009EC4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 009EA630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 009DCE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 009ECD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 009ECC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 009ECA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 009ECCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 009ECCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 009ECA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 009E7790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 009E8320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 009ECD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 009ECA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 009ECAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 009ECAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 009ECC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 009ECB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 009ECBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 009ECCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 009ECBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 009ECC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 009ECC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 009ECB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 009ECAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 009ECB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 009ECBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 009ECB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 009ECB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 009ECC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 009ECA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 009ECD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 009EE3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 009ED830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [A8, 88, CC, CC] {TEST AL, 0x88; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 009E62C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 009ED590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 009E6BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 009EDD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 009EDAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 009EC9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 009EC9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 009ECA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 009EC9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 009EE840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1968] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 009EE600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00719AB0 C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] WININET.dll!InternetConnectA 3FA6B0D2 5 Bytes JMP 1002C980 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] WININET.dll!InternetConnectW 3FA6C2C0 5 Bytes JMP 1002C960 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe[2020] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 007FCE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 007ECD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 007FCDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 007FCE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 007FCE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 007FCE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 007FC490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 007FCDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 007FCDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 007FC440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 007FCD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 007FCD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 007FCE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 007FC4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 007FA630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 007ECE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 007FCD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 007FCC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 007FCA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 007FCCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 007FCCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 007FCA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 007F7790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 007F8320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 007FCD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 007FCA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 007FCAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 007FCAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 007FCC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 007FCB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 007FCBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 007FCCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 007FCBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 007FCC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 007FCC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 007FCB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 007FCAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 007FCB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 007FCBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 007FCB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 007FCB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 007FCC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 007FCA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 007FCD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 007FD830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [89, 88, CC, CC]

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 007F62C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 007FD590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 007F6BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 007FDD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 007FDAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 007FE3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 007FC9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 007FC9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 007FCA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 007FC9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] WS2_32.dll!WSASocketW 71A7404E 7 Bytes JMP 007FC920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] WS2_32.dll!WSASocketA 71A78B6A 5 Bytes JMP 007FC940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 007FE840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe[2076] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 007FE600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe[2100] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\PAStiSvc.exe[2148] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe[2160] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\svchost.exe[2188] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] WS2_32.dll!WSASocketW 71A7404E 7 Bytes JMP 1002C920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\Arquivos de programas\Wi2Geo\Magic Scanner\Wi2Geo.MagicScanner.exe[2224] WS2_32.dll!WSASocketA 71A78B6A 5 Bytes JMP 1002C940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wscntfy.exe[3000] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wuauclt.exe[3008] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

Compartilhar este post


Link para o post
Compartilhar em outros sites

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[3408] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] USER32.dll!EndTask 7E3AA0A5 5 Bytes JMP 1002E3C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!OpenServiceW 77F66FFD 2 Bytes JMP 1002D830 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!OpenServiceW + 3 77F67000 4 Bytes [0C, 98, CC, CC] {OR AL, 0x98; INT 3 ; INT 3 }

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!CreateProcessAsUserW 77F6A8A9 5 Bytes JMP 100262C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!OpenServiceA 77F74C66 7 Bytes JMP 1002D590 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!CreateProcessAsUserA 77F90CE8 5 Bytes JMP 10026BF0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!CreateServiceA 77FB7211 7 Bytes JMP 1002DD80 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ADVAPI32.dll!CreateServiceW 77FB73A9 7 Bytes JMP 1002DAA0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ole32.dll!CoCreateInstanceEx 774E0526 5 Bytes JMP 1002E840 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] ole32.dll!CoGetClassObject 774F56C5 5 Bytes JMP 1002E600 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] WS2_32.dll!WSASocketW 71A7404E 7 Bytes JMP 1002C920 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] WS2_32.dll!WSASocketA 71A78B6A 5 Bytes JMP 1002C940 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

.text C:\WINDOWS\System32\alg.exe[3588] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 C:\WINDOWS\system32\guard32.dll (COMODO Internet Security/COMODO)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\nwlnkipx.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\nwlnkipx.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\nwlnkipx.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\nwlnkipx.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F75DA740] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F75DA780] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F75DA6E0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F75DA7B0] inspect.sys (COMODO Internet Security Firewall Driver/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00567B90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!DeleteObject] [00566950] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00567B50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00567B90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DefWindowProcA] [00566D50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!DefWindowProcW] [00566DE0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetSysColor] [005668F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!RegisterClassA] [00567280] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!RegisterClassW] [00567340] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SystemParametersInfoW] [00567580] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcW] [00566C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!CallWindowProcA] [00566CB0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!GetSystemMetrics] [00567400] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!DeleteObject] [00566950] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00567B90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00567B50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!AdjustWindowRectEx] [005676C0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DefWindowProcA] [00566D50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetSystemMetrics] [00567400] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetSysColor] [005668F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DefWindowProcW] [00566DE0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!RegisterClassW] [00567340] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetSysColorBrush] [005669A0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!FillRect] [00567800] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DrawFrameControl] [005678D0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!DrawEdge] [00567880] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SystemParametersInfoW] [00567580] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!GetScrollInfo] [00566BA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!CallWindowProcW] [00566C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetScrollInfo] [00566A90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [GDI32.dll!DeleteObject] [00566950] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00567B90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00567B50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SystemParametersInfoW] [00567580] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetSystemMetrics] [00567400] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!GetSysColor] [005668F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!CallWindowProcW] [00566C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!RegisterClassW] [00567340] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!DefWindowProcW] [00566DE0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00567B10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00567B50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!GetSystemMetrics] [00567400] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00567CA0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00567AD0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00567B50] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00567B90] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [005671F0] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] [00567C10] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

IAT C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe[2012] @ C:\WINDOWS\system32\CRYPT32.dll [uSER32.dll!GetSystemMetrics] [00567400] C:\Arquivos de programas\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

AttachedDevice \Driver\Tcpip \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

AttachedDevice \Driver\Tcpip \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

AttachedDevice \Driver\Tcpip \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x08 0xAF 0xE3 0x60 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xD4 0x9C 0xF9 0x69 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x08 0xAF 0xE3 0x60 ...

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xD4 0x9C 0xF9 0x69 ...

Reg HKCU\Software\Microsoft\Windows Live\Communications Clients\Shared\2554546316\Groups@\xb0\xb0yo\xb0\xb0 1

---- EOF - GMER 1.0.15 ----

Compartilhar este post


Link para o post
Compartilhar em outros sites

Leia atentamente toda a instrução abaixo antes de executar o programa.

Faça download do Kaspersky Removal Tool e salve em seu desktop.

  • Instale o programa normalmente, seguindo todas as instruções.
  • Uma pasta chamada Virus Removal Tool será criada no desktop.
  • Na tela do programa clique nas opções:
    • Meu computador
    • Hidden Startup objects
    • Disk boot sectors
    • System Memory

    [*]Clique no botão Start Scan.[*]Seja paciente, o scan é demorado![*]Conforme for scaneando provavelmente abrirá algumas janelas pequenas ao lado do relógio, não clique em nada.[*]Também há uma possibilidade de abrir uma janela maior contendo as seguintes opções:

    • Desinfection (quando possível)
    • Delete
    • Skip
  • Quando aparecer, marque primero a opção abaixo Apply to all objects e depois clique numa das opções acima.
  • Após completar tudo, clique no botão Reports, na janela que abrir nas opções acima deixe:
    • Autoscan
    • Group by result
    • All Events

    [*]Expanda Autoscan clicando no sinal ao lado de +[*]Expanda Result: Detected.[*]Clique com o botão direito do mouse e escolha Select all, e depois escolha Copy.[*]Atenção, ao fazer isso parece que o PC travou, mas não, aguarde uns minutos para liberar a memória.[*]Abra o Bloco de Notas e cole (ctrl + v)[*]Dê um nome para o arquivo e salve numa pasta de sua preferência.[*]Feche o resultado clicando no botão Exit.[*]Ao fazer isso será questionado se quer desinstalar a ferramenta, clique em Sim.[*]Reinicie o computador quando for pedido.[*]Poste o conteúdo desse arquivo em sua próxima resposta.

OBSERVAÇÃO1:

Atente para as janelas durante o scan elas possuem cores diferentes dependendo do risco. Portanto,
  • verde
    :
    baixo risco
  • amarelo
    :
    médio risco
  • vermelho
    :
    alto risco

Antes de tomar qualquer medida verifique com cuidado o caminho/nome do arquivo para ver é de seu conhecimento, caso seja clique em
Skip
.

OBSERVAÇÃO2:

Se no resultado final do scan apenas tiver
Result:
OK
, não precisa gerar um relatório, apenas informe deste.

OBSERVAÇÃO3:

Durante o scan pode ser que o Kaspersky acuse a seguinte pasta com vírus:
c:\
QooBox
. Caso isto aconteça escolha a opção
Skip
, pois a mesma pertence ao
ComboFix
e será removida quando o mesmo for desinstalado.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Verificação automática: concluído 3 horas atrás (eventos: 7, objetos: 171132, hora: 02:25:17)

17/3/2011 20:39:45 Tarefa iniciada Ação padrão selecionada

17/3/2011 21:15:27 Erro de processamento C:\Arquivos de programas\COMODO\COMODO Internet Security\repair\cavscan.exe/PE_Patch.PECompact/PecBundle Erro de leitura

17/3/2011 21:15:33 Tarefa interrompida Ação padrão selecionada

17/3/2011 21:17:09 Tarefa iniciada Ação padrão selecionada

17/3/2011 22:40:53 Detectados: Exploit.Java.CVE-2010-0840.d C:\Documents and Settings\User\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\22170028-40b931c2/langdriver/translator.class Ação padrão selecionada

17/3/2011 22:41:48 Excluído: Exploit.Java.CVE-2010-0840.d C:\Documents and Settings\User\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\40\22170028-40b931c2/langdriver/translator.class Ação padrão selecionada

17/3/2011 23:42:28 Tarefa concluída Ação padrão selecionada

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×