Trojan TR/Crypt.XPACK.Gen3 caught | Security Center disables itself automatically | Windows 7
04.02.2011, 15:05 | #16 |
Sorry for the double post, but the GMER log no longer fit into the first post, and it was too large to add as an attachment. I wish everyone a nice weekend, and thanks in advance, Arne! Code:
snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\Dwm.exe[1700] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\Explorer.EXE[1732] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\Explorer.EXE[1732] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\Explorer.EXE[1732] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\vsnpstd3.exe[1948] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1956] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe[1968] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\HP\HP Software Update\hpwuSchd2.exe[1976] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\System32\spoolsv.exe[2344] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2352] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskhost.exe[2388] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\svchost.exe[2400] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\svchost.exe[2400] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2400] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\rundll32.exe[2476] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2572] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\taskeng.exe[2584] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe[2644] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Bonjour\mDNSResponder.exe[2748] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2780] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2780] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2820] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[2820] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\ICQ6Toolbar\ICQ Service.exe[2848] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2904] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2904] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2996] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\System32\svchost.exe[2996] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe[3020] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3056] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3056] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\Splashtop\Splashtop Remote Software Updater\WCUService.exe[3088] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\SearchProtocolHost.exe[3156] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\wbem\wmiprvse.exe[3284] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\svchost.exe[3448] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\svchost.exe[3448] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\svchost.exe[3448] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Program Files\iPod\bin\iPodService.exe[3488] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\SearchIndexer.exe[3696] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) .text C:\Windows\system32\WUDFHost.exe[4060] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] ntdll.dll!LdrUnloadDll 777FBF1F 5 Bytes JMP 64D069B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] ntdll.dll!LdrLoadDll 777FF625 5 Bytes JMP 64D06950 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!UnhookWindowsHookEx 75CFCC7B 3 Bytes JMP 64D0BCB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!UnhookWindowsHookEx + 4 75CFCC7F 1 Byte [EF] .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!UnhookWinEvent 75CFD924 3 Bytes JMP 64D0B8A0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!UnhookWinEvent + 4 75CFD928 1 Byte [EF] .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!SetWindowsHookExW 75D0210A 5 Bytes JMP 64D0BB30 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!SetWinEventHook 75D0507E 5 Bytes JMP 64D0B720 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software) .text C:\Users\Robert\Desktop\cx9portj.exe[4376] USER32.dll!SetWindowsHookExA 75D26DFA 5 Bytes JMP 64D0B9B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! 
snxhk/AVAST Software) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8BE39042] \SystemRoot\System32\Drivers\sppp.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8BE396D6] \SystemRoot\System32\Drivers\sppp.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8BE39800] \SystemRoot\System32\Drivers\sppp.sys IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8BE3913E] \SystemRoot\System32\Drivers\sppp.sys IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortNotification] 00147880 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortStallExecution] C25DC033 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55 IAT 
\SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortInitialize] 157B805E IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500 IAT \SystemRoot\System32\Drivers\a7nmkmsd.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74212494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [741F5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [741F56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7421250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74208573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll 
(Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74204D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742050CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742051A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742066D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742082CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74208819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7420907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7420E21D] 
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1732] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74204C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe[1916] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für 
Anwendungskompatibilität/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2476] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2476] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2476] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) IAT C:\Windows\system32\rundll32.exe[2476] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75845E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 867DF1F8 Device \Driver\sptd \Device\3732450280 sppp.sys AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation) Device \Driver\volmgr \Device\VolMgrControl 85B441F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{A4E30E05-8018-4FB8-B24C-232E95FE5BE7} 86CB91F8 Device \Driver\usbohci \Device\USBPDO-0 86E1F1F8 Device \Driver\usbohci \Device\USBPDO-1 86E1F1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{32B466E9-CD9C-4600-B614-A2C10CEB9170} 86CB91F8 Device \Driver\usbohci \Device\USBPDO-2 86E1F1F8 Device \Driver\usbohci \Device\USBPDO-3 86E1F1F8 Device \Driver\usbohci \Device\USBPDO-4 86E1F1F8 AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! 
TDI Filter Driver/AVAST Software) Device \Driver\usbehci \Device\USBPDO-5 86E231F8 Device \Driver\volmgr \Device\HarddiskVolume1 85B441F8 AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\volmgr \Device\HarddiskVolume2 85B441F8 AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\cdrom \Device\CdRom0 86CD51F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 85B461F8 Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-3 85B461F8 Device \Driver\atapi \Device\Ide\IdePort0 85B461F8 Device \Driver\atapi \Device\Ide\IdePort1 85B461F8 Device \Driver\atapi \Device\Ide\IdePort2 85B461F8 Device \Driver\atapi \Device\Ide\IdePort3 85B461F8 Device \Driver\volmgr \Device\HarddiskVolume3 85B441F8 AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) Device \Driver\cdrom \Device\CdRom1 86CD51F8 Device \Driver\PCI_PNP6278 \Device\00000067 sppp.sys Device \Driver\NetBT \Device\NetBt_Wins_Export 86CB91F8 Device \Driver\ACPI_HAL \Device\0000005c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! 
TDI Filter Driver/AVAST Software) Device \Driver\NetBT \Device\NetBT_Tcpip_{8BC521FC-0AC5-4083-8AC6-182C6E750D77} 86CB91F8 Device \Driver\usbohci \Device\USBFDO-0 86E1F1F8 Device \Driver\usbohci \Device\USBFDO-1 86E1F1F8 Device \Driver\usbohci \Device\USBFDO-2 86E1F1F8 Device \Driver\usbohci \Device\USBFDO-3 86E1F1F8 Device \Driver\usbohci \Device\USBFDO-4 86E1F1F8 Device \Driver\usbehci \Device\USBFDO-5 86E231F8 Device \Driver\USBSTOR \Device\0000008b 86D461F8 Device \Driver\USBSTOR \Device\0000008c 86D461F8 Device \Driver\a7nmkmsd \Device\Scsi\a7nmkmsd1 86F21500 Device \Driver\a7nmkmsd \Device\Scsi\a7nmkmsd1Port4Path0Target0Lun0 86F21500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x25 0x02 0x8A 0x0B ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD8 0xC3 0xF0 0x6E ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x57 0x2F 0xEB 0x19 ... 
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xD8 0x4D 0x0E 0x3F ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x25 0x02 0x8A 0x0B ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xD8 0xC3 0xF0 0x6E ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x57 0x2F 0xEB 0x19 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xD8 0x4D 0x0E 0x3F ... ---- EOF - GMER 1.0.15 ----
Last edited by r0b (04.02.2011 at 15:26) |
04.02.2011, 15:30 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Caught Trojan TR/Crypt.XPACK.Gen3 | Security Center disables itself automatically The MBRCheck log is incomplete.
__________________ |
04.02.2011, 15:36 | #18 |
| Caught Trojan TR/Crypt.XPACK.Gen3 | Security Center disables itself automatically Oh sorry, I thought it was already finished.
Here it is again. Code:
ATTFilter MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Professional Windows Information: (build 7600), 32-bit Base Board Manufacturer: TOSHIBA BIOS Manufacturer: TOSHIBA System Manufacturer: TOSHIBA System Product Name: Satellite A210 Logical Drives Mask: 0x0000003c Kernel Drivers (total 212): 0x83017000 \SystemRoot\system32\ntkrnlpa.exe 0x83427000 \SystemRoot\system32\halmacpi.dll 0x80BA6000 \SystemRoot\system32\kdcom.dll 0x83616000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll 0x83621000 \SystemRoot\system32\PSHED.dll 0x83632000 \SystemRoot\system32\BOOTVID.dll 0x8363A000 \SystemRoot\system32\CLFS.SYS 0x8367C000 \SystemRoot\system32\CI.dll 0x83727000 \SystemRoot\system32\drivers\Wdf01000.sys 0x83798000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8BE37000 \SystemRoot\System32\Drivers\sppp.sys 0x8BF2A000 \SystemRoot\System32\Drivers\WMILIB.SYS 0x8BF33000 \SystemRoot\System32\Drivers\SCSIPORT.SYS 0x8BF59000 \SystemRoot\system32\DRIVERS\ACPI.sys 0x8BFA1000 \SystemRoot\system32\DRIVERS\msisadrv.sys 0x8BFA9000 \SystemRoot\system32\DRIVERS\vdrvroot.sys 0x8BFB4000 \SystemRoot\system32\DRIVERS\pci.sys 0x8BFDE000 \SystemRoot\System32\drivers\partmgr.sys 0x8BFEF000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x8BE00000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x8BE0B000 \SystemRoot\system32\DRIVERS\volmgr.sys 0x837A6000 \SystemRoot\System32\drivers\volmgrx.sys 0x8BE1B000 \SystemRoot\system32\DRIVERS\pciide.sys 0x8BE22000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS 0x8C022000 \SystemRoot\system32\DRIVERS\pcmcia.sys 0x8C050000 \SystemRoot\System32\drivers\mountmgr.sys 0x8C066000 \SystemRoot\system32\DRIVERS\atapi.sys 0x8C06F000 \SystemRoot\system32\DRIVERS\ataport.SYS 0x8C092000 \SystemRoot\system32\DRIVERS\amdxata.sys 0x8C09B000 \SystemRoot\system32\drivers\fltmgr.sys 0x8C0CF000 \SystemRoot\system32\drivers\fileinfo.sys 0x8C203000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8C332000 \SystemRoot\System32\Drivers\msrpc.sys 0x8C35D000 
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)
PhysicalDrive0 Model Number: HitachiHTS542525K9SA00, Rev: BBFOC33P
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
Done! |
04.02.2011, 15:45 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before scanning!!
__________________ Please always post log files in CODE tags |
04.02.2011, 15:51 | #20 |
| OK, thanks a lot for the help so far. I'll run the scans after the weekend because I have to leave now. I'll post the logs then. Have a nice weekend |
08.02.2011, 10:58 | #21 |
| Hey, here are the scan logs: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5709

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

08.02.2011 10:56:06
mbam-log-2011-02-08 (10-56-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 257757
Laufzeit: 57 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/08/2011 at 09:42 AM

Application Version : 4.48.1000

Core Rules Database Version : 6354
Trace Rules Database Version: 4166

Scan type : Complete Scan
Total Scan Time : 01:20:32

Memory items scanned : 748
Memory threats detected : 0
Registry items scanned : 10390
Registry threats detected : 0
File items scanned : 113708
File threats detected : 12

Adware.Tracking Cookie
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@content.yieldmanager[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@tracking.quisma[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@doubleclick[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@adfarm1.adition[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@atdmt.combing[2].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@atdmt[2].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@ad.yieldmanager[2].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@tracking.hannoversche[2].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@ad4.adfarm1.adition[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@ad2.adfarm1.adition[1].txt
	C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Cookies\robert@content.yieldmanager[3].txt

Trojan.Agent/Gen-Cryptor[Virut]
	C:\TOSHIBA\WEBSHOPS\EBAY\ADDTOOLBARBUTTON.EXE |
08.02.2011, 11:20 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | One false positive and the rest are just cookies, harmless. Is the computer OK again? |
08.02.2011, 11:22 | #23 |
| Yep, the computer is doing what it should again, and the Security Center is working again too. Thank you very much!!! |
08.02.2011, 11:42 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then we're done! Finally, please check your updates; my guide for that is below. For even more security, you should also change all your passwords, if possible, now that the infection has been removed.

Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Windows Update guide

Update your PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program. I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.
While you're at it, please also check that your Flash Player is up to date; here is the direct download link => http://filepony.de/?q=Flash+Player

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. After that, download the current Java SE Runtime Environment (JRE) from here and install it. |