Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 7: Upload gering, Laptop langsam, Virus?

Windows 7: Upload gering, Laptop langsam, Virus?


Plagegeister aller Art und deren Bekämpfung: Windows 7: Upload gering, Laptop langsam, Virus?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.04.2014, 22:12   #1
amicelli
 
Windows 7: Upload gering, Laptop langsam, Virus? - Standard

Windows 7: Upload gering, Laptop langsam, Virus?


Hallo liebes Trojaner-team,

habe seit zwei wochen das bei meinen mitbewohnern schnelle internet (UPC) nicht nutzen können, da upload und download zu gering waren. hab versucht mit linux im internet zu arbeiten und es hat normal funktioniert. habe daraufhin meinen laptop neu aufgesetzt und kann das internet zumindest wieder nutzen. upload is allerdings immer noch gering und der speedtest auf dsl schlägt immer fehl.

seltsam ist, dass der laptop nicht nur im internet, sondern auch außerhalb langsam ist. muss oft ewig warten, um ein programm zu öffnen und wenn der virenscanner läuft, kann ich nebenbei gar nichts mehr machen.

ist hier ein virus im spiel? wenn ja, wie kann ich ihn erkennen und loswerden?

ich habe die anleitung für hilfesuchende befolgt und poste die logfiles unter der nachricht und die von frst im anhang!

ich freue mich sehr, wenn ihr mir helfen könntet!

liebe grüße


logfiles:

defogger:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:57 on 05/04/2014 (Elisa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


gmer:


GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-05 20:35:37
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD75 rev.01.0 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\Elisa\AppData\Local\Temp\ugloapoc.sys


---- User code sections - GMER 2.1 ----

.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1624] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\Dwm.exe[2848] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\ProgramData\DatacardService\DCSHelper.exe[3028] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE[1544] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE[2120] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe[2684] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3088] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3104] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[3116] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\WINDOWS\System32\igfxpers.exe[3212] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe[3364] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[3384] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Dell\QuickSet\quickset.exe[3528] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe[3696] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[3756] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe[3820] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 00000000772cefe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000772f99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000773094d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 0000000077309640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 000000007732a500 7 bytes JMP 000000016fff01b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe[4016] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe[4104] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4196] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4284] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\wbem\unsecapp.exe[4532] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe[5644] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[6372] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000076df5ea5 5 bytes JMP 00000001718f1ce0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[6632] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000076e29d0b 5 bytes JMP 00000001718f1c70
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077661465 2 bytes [66, 77]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[6100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000776614bb 2 bytes [66, 77]
.text ... * 2
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd4a2db0 5 bytes JMP 000007fffd490180
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd4a37d0 7 bytes JMP 000007fffd4900d8
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd4a8ef0 6 bytes JMP 000007fffd490148
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd4baf60 5 bytes JMP 000007fffd490110
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoCreateInstance 000007fefd797490 11 bytes JMP 000007fffd490228
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007fefd7abf00 7 bytes JMP 000007fffd490260
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefe1289e0 8 bytes JMP 000007fffd4901f0
.text C:\Windows\system32\wuauclt.exe[3896] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefe12be40 8 bytes JMP 000007fffd4901b8
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000769a13e1 7 bytes JMP 00000001718f1e90
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 00000000769bb1d3 5 bytes JMP 00000001718f1da0
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 0000000076a388b4 7 bytes JMP 00000001718f1d90
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000076a38939 5 bytes JMP 00000001718f1e80
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000076a38c8f 5 bytes JMP 00000001718f1e10
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000076f71d1b 5 bytes JMP 00000001718f2450
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000076f71dc9 5 bytes JMP 00000001718f24b0
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076f72aa4 5 bytes JMP 00000001718f2520
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000076f72d0a 5 bytes JMP 00000001718f2670
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 0000000075a0e96b 5 bytes JMP 00000001718f1a00
.text C:\Users\Elisa\Downloads\Gmer-19357.exe[7744] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 0000000075a0eba5 5 bytes JMP 00000001718f1a90
---- Processes - GMER 2.1 ----

Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-01 19:16:34) 0000000003fb0000
Library c:\users\elisa\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeoogtp.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-05 16:42:13) 00000000028f0000
Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756](2014-04-01 19:16:34) 000000006bc30000
Library C:\Users\Elisa\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Elisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [3756] (ICU Data DLL/The ICU Project)(2014-04-01 19:16:34) 0000000068d70000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac72892e4d01
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac72892e4d01 (not active ControlSet)

---- EOF - GMER 2.1 ----

 

Themen zu Windows 7: Upload gering, Laptop langsam, Virus?
.dll, avira, download, dsl, harddisk, ics, internet, langsam, logfiles, loswerden, neu, nvidia, officejet, programm, realtek, registry, scan, service.exe, software, speedtest, system, temp, virus, virus?, webcam, windows, wuauclt.exe


« Fremdzugriff ! adwCleaner erkennt Dateien. Beweisfindung! | email zip datei geöffnet »


Ähnliche Themen: Windows 7: Upload gering, Laptop langsam, Virus?


  1. Windows 7: Laptop extrem langsam
    Log-Analyse und Auswertung - 24.09.2015 (12)
  2. Windows 7 Lüfter durchgehend laut CPU Auslastung gering - PC neu aufgesetzt nach Virenbefall
    Log-Analyse und Auswertung - 19.02.2015 (18)
  3. Laptop sehr langsam und wird schnell heiß wenn man games zockt virus? internet spackt auch oft ab (nur laptop)
    Plagegeister aller Art und deren Bekämpfung - 06.12.2014 (3)
  4. Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering
    Plagegeister aller Art und deren Bekämpfung - 27.11.2014 (17)
  5. Virus, Maleware...Laptop plötzlich langsam
    Plagegeister aller Art und deren Bekämpfung - 25.08.2014 (4)
  6. Windows 7 Laptop langsam II
    Log-Analyse und Auswertung - 10.08.2014 (11)
  7. Windows 7 Laptop langsam
    Log-Analyse und Auswertung - 09.07.2014 (7)
  8. Windows 7: Laptop extrem langsam
    Log-Analyse und Auswertung - 22.05.2014 (14)
  9. [Verdacht] Virus, Malware etc. - Laptop langsam
    Plagegeister aller Art und deren Bekämpfung - 13.01.2014 (9)
  10. Windows 7 / Virus entfernt/ Laptop und Firefox trotzdem sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 06.12.2013 (9)
  11. Win7 Laptop sehr langsam, Virus vermutet
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (11)
  12. Upload Speed zu langsam
    Netzwerk und Hardware - 16.05.2012 (13)
  13. Downloadgeschwindigkeit zu gering - Upload perfekt
    Log-Analyse und Auswertung - 07.05.2012 (22)
  14. Laptop sehr langsam, steckt ein Virus o.Ä. dahinter?
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (1)
  15. Computer insgesamt sehr langsam / bei Upload stürzt das Internet ab
    Plagegeister aller Art und deren Bekämpfung - 24.05.2011 (7)
  16. Downoad und Upload sehr langsam!
    Log-Analyse und Auswertung - 01.04.2011 (1)
  17. Laptop nach Virus sehr langsam
    Log-Analyse und Auswertung - 08.05.2009 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7: Upload gering, Laptop langsam, Virus? - Hallo liebes Trojaner-team, habe seit zwei wochen das bei meinen mitbewohnern schnelle internet (UPC) nicht nutzen können, da upload und download zu gering waren. hab versucht mit linux im internet - Windows 7: Upload gering, Laptop langsam, Virus?...
Archiv
Du betrachtest: Windows 7: Upload gering, Laptop langsam, Virus? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131