Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Cant remove Q-Word Search

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:38 pm

CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSYSTEM32CTXFISPI.EXE[744] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesMicrosoft OfficeOfficeOSA.EXE[752] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32services.exe[932] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 1002C920 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 1002C940 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32lsass.exe[944] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm
Advertisement
Register to Remove

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:40 pm

SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe[992] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO GeekBuddyCLPSLS.exe[1108] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32nvsvc32.exe[1120] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1168] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1240] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO Internet Securitycmdagent.exe[1280] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 005017E0 CProgram FilesCOMODOCOMODO Internet Securitycmdagent.exe (COMODO Internet SecurityCOMODO)
.text CProgram FilesCOMODOCOMODO Internet Securitycmdagent.exe[1280] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 005181B0 CProgram FilesCOMODOCOMODO Internet Securitycmdagent.exe (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
CWINDOWSsys
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:41 pm

.text CWINDOWSsystem32svchost.exe[1308] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1308] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1444] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32svchost.exe[1604] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 00D7CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 00D6CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 00D7CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 00D7CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 00D7CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 00D7CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 00D7C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 00D7CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 00D7CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00D7C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 00D7CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 00D7CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:41 pm

AwareAAWService.exe[1804] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D7CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 00D7C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 00D7A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 00D6CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 00D7CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D7CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D7CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 00D7CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D7CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D7CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D77790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D78320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 00D7CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 00D7CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 00D7CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 00D7CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 00D7CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 00D7CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 00D7CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 00D7CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 00D7CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 00D7CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 00D7CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 00D7CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 00D7CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 00D7CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 00D7CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 00D7CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 00D7CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 00D7CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 00D7CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 00D7CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 00D7D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [F9, 88, CC, CC] {STC ; MOV AH, CL; INT 3 }
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 00D762C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 00D7D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 00D76BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 00D7DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 00D7DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 00D7E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] WININET.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 00D7C980 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] WININET.dll!InternetConnectW 3D94F862 5 Bytes JMP 00D7C960 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 00D7E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 00D7E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 00D7C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 00D7C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 00D7CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWService.exe[1804] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 00D7C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] WININET.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 1002C980 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] WININET.dll!InternetConnectW 3D94F862 5 Bytes JMP 1002C960 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSExplorer.EXE[1904] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXBCES.EXE[1960] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:43 pm

tem32LEXPPS.EXE[2008] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32LEXPPS.EXE[2008] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32spoolsv.exe[2036] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesLavasoftAd-AwareAAWTray.exe[2788] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:44 pm

VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemunsecapp.exe[2824] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 1002C920 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 1002C940 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSsystem32wbemwmiprvse.exe[2936] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CDocuments and SettingsUserLocal SettingsTemporary Internet FilesContent.IE57ZHE8VCE3v3gorix[1].exe[3156] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:45 pm

)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesiPodbiniPodService.exe[3632] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!LoadLibraryExW 7C801AF5 7 Bytes JMP 1002CCC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 1002CCE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 1002CA80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 1002CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!LoadLibraryW 7C80AEEB 5 Bytes JMP 1002CA60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] WS2_32.dll!WSASocketW 71AB404E 7 Bytes JMP 1002C920 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] WS2_32.dll!WSASocketA 71AB8B6A 5 Bytes JMP 1002C940 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CWINDOWSSystem32alg.exe[3816] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 7 Bytes JMP 1002C750 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[3936] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] WININET.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 1002C980 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[3936] WININET.dll!InternetConnectW 3D94F862 5 Bytes JMP 1002C960 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtAllocateVirtualMemory 7C90CF6E 5 Bytes JMP 1002CE00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtClose 7C90CFEE 5 Bytes JMP 1001CD20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtCreateFile 7C90D0AE 5 Bytes JMP 1002CDC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtCreateProcess 7C90D14E 5 Bytes JMP 1002CE80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtCreateProcessEx 7C90D15E 5 Bytes JMP 1002CE60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtDeleteFile 7C90D23E 5 Bytes JMP 1002CE20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtFreeVirtualMemory 7C90D38E 5 Bytes JMP 1002C490 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtLoadDriver 7C90D46E 5 Bytes JMP 1002CDE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtOpenFile 7C90D59E 5 Bytes JMP 1002CDA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 1002C440 CWINDOWSsystem32guard32.dll
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 1:45 pm

(COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtSetInformationProcess 7C90DC9E 5 Bytes JMP 1002CD60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtUnloadDriver 7C90DEBE 5 Bytes JMP 1002CD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 1002CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 7 Bytes JMP 1002C750 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!RtlAllocateHeap 7C9100C4 5 Bytes JMP 1002C4E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 1002A630 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 1001CE40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ntdll.dll!LdrGetProcedureAddress 7C917EA8 5 Bytes JMP 1002CD40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 1002CC80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 1002CA20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 10027790 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 10028320 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!GetModuleHandleA 7C80B741 5 Bytes JMP 1002CAC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!GetModuleHandleW 7C80E4DD 5 Bytes JMP 1002CAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CreateFileW 7C810800 5 Bytes JMP 1002CC60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileWithProgressW 7C81F72E 5 Bytes JMP 1002CB20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileW 7C821261 5 Bytes JMP 1002CBA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!OpenFile 7C821982 5 Bytes JMP 1002CCA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CopyFileExW 7C827B32 7 Bytes JMP 1002CBE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CopyFileA 7C8286EE 5 Bytes JMP 1002CC40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CopyFileW 7C82F87B 5 Bytes JMP 1002CC20 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!DeleteFileA 7C831EDD 5 Bytes JMP 1002CB00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!DeleteFileW 7C831F63 5 Bytes JMP 1002CAE0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileExW 7C83568B 5 Bytes JMP 1002CB60 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileA 7C835EBF 5 Bytes JMP 1002CBC0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileWithProgressA 7C835EDE 5 Bytes JMP 1002CB40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!MoveFileExA 7C85E49B 5 Bytes JMP 1002CB80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!CopyFileExA 7C85F39C 5 Bytes JMP 1002CC00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!WinExec 7C86250D 5 Bytes JMP 1002CA40 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] kernel32.dll!LoadModule 7C86261E 5 Bytes JMP 1002CD00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!OpenServiceW 77DE6FFD 2 Bytes JMP 1002D830 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!OpenServiceW + 3 77DE7000 4 Bytes [24, 98, CC, CC] {AND AL, 0x98; INT 3 ; INT 3 }
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!CreateProcessAsUserW 77DEA8A9 5 Bytes JMP 100262C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!OpenServiceA 77DF4C66 7 Bytes JMP 1002D590 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!CreateProcessAsUserA 77E10CE8 5 Bytes JMP 10026BF0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!CreateServiceA 77E37211 7 Bytes JMP 1002DD80 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ADVAPI32.dll!CreateServiceW 77E373A9 7 Bytes JMP 1002DAA0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD145 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254696 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!EndTask 7E45A0A5 5 Bytes JMP 1002E3C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] SHELL32.dll!ShellExecuteExW 7CA0991B 5 Bytes JMP 1002C9A0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] SHELL32.dll!ShellExecuteEx 7CA40E7D 5 Bytes JMP 1002C9C0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] SHELL32.dll!ShellExecuteA 7CA411A8 5 Bytes JMP 1002CA00 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] SHELL32.dll!ShellExecuteW 7CAB5E68 5 Bytes JMP 1002C9E0 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ole32.dll!CoCreateInstanceEx 774FF154 5 Bytes JMP 1002E840 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ole32.dll!CoGetClassObject 775151F5 5 Bytes JMP 1002E600 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E5370 CWINDOWSsystem32IEFRAME.dll (Internet ExplorerMicrosoft Corporation)
.text CProgram FilesInternet Exploreriexplore.exe[4044] WININET.dll!InternetConnectA 3D94DEAE 5 Bytes JMP 1002C980 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)
.text CProgram FilesInternet Exploreriexplore.exe[4044] WININET.dll!InternetConnectW 3D94F862 5 Bytes JMP 1002C960 CWINDOWSsystem32guard32.dll (COMODO Internet SecurityCOMODO)

---- Kernel IATEAT - GMER 1.0.15 ----

IAT SystemRootsystem32DRIVERSndiswan.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndiswan.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSraspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSraspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSraspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSraspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSpsched.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSpsched.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSpsched.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSpsched.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootSystem32DriversNDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootSystem32DriversNDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootSystem32DriversNDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootSystem32DriversNDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERStcpip.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERStcpip.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERStcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSwanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSwanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSwanarp.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSwanarp.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSarp1394.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSarp1394.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSarp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSarp1394.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B7E21740] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B7E21780] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B7E216E0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)
IAT SystemRootsystem32DRIVERSndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B7E217B0] inspect.sys (COMODO Internet Security Firewall DriverCOMODO)

---- User IATEAT - GMER 1.0.15 ----

IAT CProgram FilesInternet Exploreriexplore.exe[4044] @ CWINDOWSsystem32ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] CProgram FilesInternet Explorerxpshims.dll (Internet Explorer Compatibility Shims for XPMicrosoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice DriverTcpip DeviceIp cmdhlp.sys (COMODO Internet Security Helper DriverCOMODO)
AttachedDevice DriverTcpip DeviceTcp cmdhlp.sys (COMODO Internet Security Helper DriverCOMODO)

Device Driveratapi DeviceIdeIdeDeviceP0T0L0-3 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdePort0 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdePort1 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdePort2 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdePort3 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdeDeviceP3T0L0-19 sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driveratapi DeviceIdeIdeDeviceP2T0L0-e sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)

AttachedDevice DriverTcpip DeviceUdp cmdhlp.sys (COMODO Internet Security Helper DriverCOMODO)
AttachedDevice DriverTcpip DeviceRawIp cmdhlp.sys (COMODO Internet Security Helper DriverCOMODO)

Device Driverusbstor Device0000007b sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driverusbstor Device0000007c sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)
Device Driverusbstor Device0000007d sfsync03.sys (StarForce Protection Synchronization DriverProtection Technology)

---- Registry - GMER 1.0.15 ----

Reg HKLMSOFTWAREClassesCLSID{47629D4B-2AD3-4e50-B716-A66C15C63153}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{47629D4B-2AD3-4e50-B716-A66C15C63153}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{47629D4B-2AD3-4e50-B716-A66C15C63153}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{47629D4B-2AD3-4e50-B716-A66C15C63153}InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLMSOFTWAREClassesCLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{604BB98A-A94F-4a5c-A67C-D8D3582C741C}InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLMSOFTWAREClassesCLSID{684373FB-9CD8-4e47-B990-5A4466C16034}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{684373FB-9CD8-4e47-B990-5A4466C16034}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{684373FB-9CD8-4e47-B990-5A4466C16034}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{684373FB-9CD8-4e47-B990-5A4466C16034}InprocServer32@2c81e34222e8052573023a60d06dd016 0x7A 0x45 0x05 0xFD ...
Reg HKLMSOFTWAREClassesCLSID{74554CCD-F60F-4708-AD98-D0152D08C8B9}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{74554CCD-F60F-4708-AD98-D0152D08C8B9}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{74554CCD-F60F-4708-AD98-D0152D08C8B9}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{74554CCD-F60F-4708-AD98-D0152D08C8B9}InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLMSOFTWAREClassesCLSID{7EB537F9-A916-4339-B91B-DED8E83632C0}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{7EB537F9-A916-4339-B91B-DED8E83632C0}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{7EB537F9-A916-4339-B91B-DED8E83632C0}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{7EB537F9-A916-4339-B91B-DED8E83632C0}InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLMSOFTWAREClassesCLSID{948395E8-7A56-4fb1-843B-3E52D94DB145}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{948395E8-7A56-4fb1-843B-3E52D94DB145}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{948395E8-7A56-4fb1-843B-3E52D94DB145}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{948395E8-7A56-4fb1-843B-3E52D94DB145}InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLMSOFTWAREClassesCLSID{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLMSOFTWAREClassesCLSID{DE5654CA-EB84-4df9-915B-37E957082D6D}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{DE5654CA-EB84-4df9-915B-37E957082D6D}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{DE5654CA-EB84-4df9-915B-37E957082D6D}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{DE5654CA-EB84-4df9-915B-37E957082D6D}InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLMSOFTWAREClassesCLSID{E39C35E8-7488-4926-92B2-2F94619AC1A5}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{E39C35E8-7488-4926-92B2-2F94619AC1A5}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{E39C35E8-7488-4926-92B2-2F94619AC1A5}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{E39C35E8-7488-4926-92B2-2F94619AC1A5}InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLMSOFTWAREClassesCLSID{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLMSOFTWAREClassesCLSID{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLMSOFTWAREClassesCLSID{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}InprocServer32
Reg HKLMSOFTWAREClassesCLSID{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}InprocServer32@ThreadingModel Apartment
Reg HKLMSOFTWAREClassesCLSID{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}InprocServer32@ CWINDOWSsystem32OLE32.DLL
Reg HKLMSOFTWAREClassesCLSID{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- Files - GMER 1.0.15 ----

File CDocuments and SettingsUserDesktopNew Text Document.txt 0 bytes

---- EOF - GMER 1.0.15 ----
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby deltalima » December 22nd, 2010, 2:39 pm

Hi sarasara,

Could you let me know when the problem with Q-Word search first started.

Would 11:35 on December 2nd fit with the first appearance of the symptoms?
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 3:15 pm

Hi Deltalima,
is it possible I can locate that info on the pc? What happened was I tried to use window movie maker and was told I had to download codecs. I think I downloaded them from Brothersoft. In order to get them I had to agree to accept on approval two programes; one a registry cleaner. Immediatly after the download I uninstalled them but Q -word appeared. can't remember the date but it could be as suggsted. Could we can match 11:35 on December 2nd to a program download list in some sort of history log?
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby deltalima » December 22nd, 2010, 3:19 pm

Would one of the programs downloaded be named W3i, PC Optimizer Pro, or ffdshow ?
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 3:31 pm

Forgive my memory due to age but I think that was the occasion when q-word appeared and PC Optimizer Pro sounds a possibility

It is theirs:

http://www.brothersoft.com/pc-optimizer-pro-87161.html

Since uninstalling Kaspersky I am receiving multiple applications to allow FINDFAST.EXE and have been refusing the request. It is hard to work on the PC because everytime I refuse it the Comodo windows appears again asking me what to do.
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby deltalima » December 22nd, 2010, 4:12 pm

Hi sarasara,

multiple applications to allow FINDFAST.EXE and have been refusing the request.


That is part of Microsoft Office and should be allowed.

Forgive my memory due to age but I think that was the occasion when q-word appeared and PC Optimizer Pro sounds a possibility


It's OK, I don't expect you to remember the exact moment, I just wanted to check that the path we are following fits the approximate time frame. It looks like we have identified the source of the problem, we still need to do more investigation to find the actual infection.

Download SystemLook and save it to your Desktop.

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: Select all
    :dir
    C:\Program Files\ffdshow /s
    C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro /s
    C:\Program Files\W3i /s
    C:\Documents and Settings\All Users\Application Data\W3i /s
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Please also post the log from the first scan with Malwarebytes.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Cant remove Q-Word Search

Unread postby sarasara » December 22nd, 2010, 4:18 pm

Findfast allowed. thanks :)

SystemLook 04.09.10 by jpshortstuff
Log created at 19:18 on 22/12/2010 by User
Administrator - Elevation successful

========== dir ==========

C:\Program Files\ffdshow - Parameters: "/s"

---Files---
Boost_Software_License_1.0.txt --a---- 1563 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Changes.txt --a---- 179 bytes [11:39 02/12/2010] [13:56 30/12/2009]
gnu_license.txt --a---- 17858 bytes [11:39 02/12/2010] [21:34 06/12/2009]
openIE.js --a---- 1708 bytes [11:39 02/12/2010] [21:34 06/12/2009]
unins000.dat --a---- 36345 bytes [11:39 02/12/2010] [11:39 02/12/2010]

C:\Program Files\ffdshow\custom matrices d------ [11:39 02/12/2010]
andreas_78er.matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
andreas_doppelte_99er.matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
andreas_einfache_99er.matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Bulletproof's Heavy Compression Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Bulletproof's High Quality Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
CG-Animation Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_autogk_sharp.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v1.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v3ehr.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v3hr.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v3lr.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v3uhr_rev2.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
eqm_v3ulr_rev3.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
hvs-best-picture.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
hvs-better-picture.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
hvs-good-picture.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Low Bitrate Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
MPEG.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
pvcd.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Soulhunters V3.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Soulhunters V5.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Standard.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Ultimate Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Ultra Low Bitrate Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]
Very Low Bitrate Matrix.xcm --a---- 128 bytes [11:39 02/12/2010] [21:34 06/12/2009]

C:\Program Files\ffdshow\languages d------ [11:39 02/12/2010]
ffdshow.1026.bg --a---- 82598 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1028.tc --a---- 110554 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1029.cz --a---- 121004 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1031.de --a---- 78406 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1033.en --a---- 9 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1034.es --a---- 170032 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1035.fi --a---- 69860 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1036.fr --a---- 140356 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1040.it --a---- 85420 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1045.pl --a---- 75524 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1046.br --a---- 11084 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.1053.se --a---- 9802 bytes [11:39 02/12/2010] [21:34 06/12/2009]
ffdshow.2052.sc --a---- 67828 bytes [11:39 02/12/2010] [21:34 06/12/2009]

C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro - Parameters: "/s"

---Files---
None found.

C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro\LOGS d------ [11:36 02/12/2010]
REG_LOGS_12_02_2010_11_36_41_AM.log --a---- 211187 bytes [11:36 02/12/2010] [11:41 02/12/2010]
TRACKS_LOGS_12_02_2010_11_36_41_AM.log --a---- 663 bytes [11:36 02/12/2010] [11:36 02/12/2010]

C:\Program Files\W3i - Parameters: "/s"

---Files---
None found.

C:\Program Files\W3i\InstallIQUpdater d------ [11:35 02/12/2010]
iqu.xsl --a---- 10208 bytes [13:15 18/06/2010] [13:15 18/06/2010]

C:\Program Files\W3i\InstallIQUpdater\images d------ [11:35 02/12/2010]
btn_bg.gif -ra---- 46 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_cog.gif -ra---- 402 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_cog.png -ra---- 512 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_help.gif -ra---- 387 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_help.png -ra---- 786 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_information.gif -ra---- 381 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_information.png -ra---- 778 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_installed.gif -ra---- 102 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_installed.png -ra---- 237 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_updates.gif -ra---- 336 bytes [13:15 18/06/2010] [13:15 18/06/2010]
ico_updates.png -ra---- 500 bytes [13:15 18/06/2010] [13:15 18/06/2010]
iqu_logo.jpg -ra---- 2094 bytes [13:15 18/06/2010] [13:15 18/06/2010]
tab_bg.gif -ra---- 167 bytes [13:15 18/06/2010] [13:15 18/06/2010]
tab_bg_o.gif -ra---- 46 bytes [13:15 18/06/2010] [13:15 18/06/2010]
temp_icon.gif -ra---- 118 bytes [13:15 18/06/2010] [13:15 18/06/2010]

C:\Documents and Settings\All Users\Application Data\W3i - Parameters: "/s"

---Files---
None found.

C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater d------ [11:35 02/12/2010]
data.xml --a---- 1315 bytes [11:40 02/12/2010] [15:54 11/12/2010]
updater.log --a---- 720 bytes [11:35 02/12/2010] [16:30 11/12/2010]
upgrades.xml --a---- 20 bytes [10:43 03/12/2010] [10:06 11/12/2010]

-= EOF =-
sarasara
Regular Member
 
Posts: 52
Joined: December 11th, 2010, 6:06 pm

Re: Cant remove Q-Word Search

Unread postby deltalima » December 22nd, 2010, 4:40 pm

Hi sarasara,

Please run SystemLook again then copy and paste the following then run the scan and post the log in your next reply.

Code: Select all
:contents
C:\Program Files\ffdshow\openIE.js
C:\Documents and Settings\All Users\Application Data\W3i\InstallIQUpdater\updater.log


Now please run Malwarebytes, update to the latest version then run update again to get the latest definitions. Run a quick scan and post the log in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 295 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware