Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last

Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last


Plagegeister aller Art und deren Bekämpfung: Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.11.2015, 21:14   #1
Zachariel
 
Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last - Standard

Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last


Guten Tag,
seit ca. 2 Tagen habe ich ein Problem mit meinem Notebook. Meine Tastatur reagiert extrem verzögert und/oder gar nicht. Es wirkt fast so, als gebe es nur bestimmte Zeitschlitze in denen mein Rechner Tastendrücke bearbeitet.
Gleich vorab, bisherige Suche nach ähnlichen Fällen ergab nur "deaktiviere Anschlagsverzögerung". Diese ist jedoch schon ewig deaktiviert und somit wohl eher uninteressant.

Anbei nun die Logs:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Noaphiel (Administrator) auf NOAPHIEL-PC (08-11-2015 19:31:46)
Gestartet von C:\Users\Noaphiel\Desktop
Geladene Profile: Noaphiel (Verfügbare Profile: Noaphiel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\WINDOWS\System32\UI0Detect.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Akamai Technologies, Inc.) C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
(Sensible Vision ) C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
(Akamai Technologies, Inc.) C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\WINDOWS\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2108200 2010-04-01] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-09-15] (IDT, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM-x32\...\Run: [OSD_LAUNCH] => c:\Program Files (x86)\OSD\Launch.exe [32768 2010-01-05] (HH)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe [95560 2009-12-19] (Sensible Vision )
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKLM\...\RunOnce: [DSUpdateLauncher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe [18240 2010-01-23] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-02-11] (Softthinks)
Winlogon\Notify\FastAccess: C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll [2009-12-19] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-07] (Microsoft Corporation)
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-15] (Avast Software s.r.o.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{02F6E4AC-410E-4218-8761-8F332B1361EA}: [DhcpNameServer] 150.100.11.4
Tcpip\..\Interfaces\{3A7E2C7B-932D-4401-805D-A061E476FF32}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-982091520-1237619290-1058120956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.alienware.com/
HKU\S-1-5-21-982091520-1237619290-1058120956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienware.com/
HKU\S-1-5-21-982091520-1237619290-1058120956-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://support.alienware.com
HKU\S-1-5-21-982091520-1237619290-1058120956-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://support.alienware.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-15] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-15] (Avast Software s.r.o.)
BHO-x32: SSOIEAddonBHO Class -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll [2009-12-19] (Sensible Vision )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-12] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-12] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-982091520-1237619290-1058120956-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Noaphiel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-15] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Noaphiel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Noaphiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Noaphiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR HKU\S-1-5-21-982091520-1237619290-1058120956-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-15] (Avast Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-04-30] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-07-03] (EasyAntiCheat Ltd)
R2 FAService; C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2389320 2009-12-19] (Sensible Vision )
S4 HappyOSD; C:\Program Files (x86)\OSD\OSD_Service.exe [16384 2010-01-04] () [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-05] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe [240640 2009-09-15] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-15] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-04-30] (BitRaider)
S3 DCamUSBNovatek; C:\Windows\System32\Drivers\nvtcam.sys [2770432 2011-06-10] (AONI)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 IAMTVE; C:\Windows\system32\DRIVERS\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\DRIVERS\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
R0 ioatdma; C:\Windows\System32\Drivers\ioatdma.sys [46792 2009-07-13] (Intel Corporation)
S3 iSSetup; C:\Windows\system32\DRIVERS\iSSetup.sys [178400 2009-10-13] (Intel Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-15] (Avast Software)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; c:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-04-16] (CyberLink Corp.)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 19:31 - 2015-11-08 19:32 - 00016153 _____ C:\Users\Noaphiel\Desktop\FRST.txt
2015-11-08 19:31 - 2015-11-08 19:31 - 00000000 ____D C:\FRST
2015-11-08 19:30 - 2015-11-08 19:30 - 02198528 _____ (Farbar) C:\Users\Noaphiel\Desktop\FRST64.exe
2015-11-07 23:02 - 2015-11-08 18:57 - 00000000 ____D C:\Users\Noaphiel\AppData\Local\Warframe
2015-11-07 21:23 - 2015-11-07 21:23 - 00000222 _____ C:\Users\Noaphiel\Desktop\Warframe.url
2015-11-04 20:52 - 2015-11-04 22:26 - 00007450 _____ C:\Users\Noaphiel\Documents\A_whole_new_World.mscz
2015-11-04 20:52 - 2015-11-04 20:52 - 00003688 _____ C:\Users\Noaphiel\Documents\.A_whole_new_World.mscz,
2015-11-04 20:04 - 2015-11-04 20:04 - 00001046 _____ C:\Users\Public\Desktop\MuseScore.lnk
2015-11-04 20:04 - 2015-11-04 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2015-11-04 20:04 - 2015-11-04 20:04 - 00000000 ____D C:\Program Files (x86)\MuseScore

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-08 19:30 - 2014-05-20 18:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-08 19:06 - 2015-06-12 11:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-08 18:17 - 2010-05-25 00:57 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-08 17:35 - 2009-07-14 06:10 - 02090255 _____ C:\Windows\WindowsUpdate.log
2015-11-08 17:20 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-08 17:20 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-08 17:19 - 2009-07-14 18:58 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-08 17:19 - 2009-07-14 18:58 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-08 17:19 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-08 17:13 - 2014-05-20 18:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-08 17:12 - 2014-05-20 18:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-08 17:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-08 17:12 - 2009-07-14 05:51 - 00088979 _____ C:\Windows\setupact.log
2015-11-07 23:03 - 2014-05-23 12:29 - 00297342 _____ C:\Windows\DirectX.log
2015-11-07 21:21 - 2015-07-16 12:03 - 00000000 ____D C:\Users\Noaphiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-11-07 16:51 - 2014-05-23 12:35 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-11-06 20:54 - 2014-08-17 17:08 - 00000000 ____D C:\Bilder
2015-10-31 11:33 - 2014-05-20 18:24 - 00002137 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-26 18:05 - 2010-05-24 17:56 - 00091908 _____ C:\Windows\PFRO.log
2015-10-25 21:28 - 2015-05-11 11:15 - 00000000 ____D C:\Noten
2015-10-25 13:51 - 2015-06-10 15:33 - 00000000 ____D C:\Users\Noaphiel\AppData\Local\fotokasten comfort
2015-10-15 17:51 - 2015-09-09 20:22 - 00000000 ____D C:\Users\Noaphiel\AppData\Roaming\LolClient
2015-10-15 17:18 - 2014-08-29 11:25 - 00000566 _____ C:\Users\Noaphiel\Desktop\Neues Textdokument.txt

Einige Dateien in TEMP:
====================
C:\Users\Noaphiel\AppData\Local\Temp\c2f1dfa1406a8f28b7af13897268a57f.dll
C:\Users\Noaphiel\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll
C:\Users\Noaphiel\AppData\Local\Temp\drm_dyndata_7370010.dll
C:\Users\Noaphiel\AppData\Local\Temp\FreeVideoEditor.exe
C:\Users\Noaphiel\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Noaphiel\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Noaphiel\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Noaphiel\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Noaphiel\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Noaphiel\AppData\Local\Temp\nfpzxz1d.dll
C:\Users\Noaphiel\AppData\Local\Temp\nvStInst.exe
C:\Users\Noaphiel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Noaphiel\AppData\Local\Temp\sfextra.dll
C:\Users\Noaphiel\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-03 20:49

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Noaphiel (2015-11-08 19:33:38)
Gestartet von C:\Users\Noaphiel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-05-19 23:43:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-982091520-1237619290-1058120956-500 - Administrator - Disabled)
Gast (S-1-5-21-982091520-1237619290-1058120956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-982091520-1237619290-1058120956-1002 - Limited - Enabled)
Noaphiel (S-1-5-21-982091520-1237619290-1058120956-1001 - Administrator - Enabled) => C:\Users\Noaphiel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Akamai NetSession Interface (HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Awakening Client (HKLM-x32\...\SWGAwakening) (Version:  - )
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG3500 series Benutzerregistrierung (HKLM-x32\...\Canon MG3500 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Command Center (HKLM-x32\...\InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}) (Version: 2.5.44.0 - Alienware Corp.)
Command Center (Version: 2.5.44.0 - Alienware Corp.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creeper World 3: Arc Eternal (HKLM-x32\...\Steam App 280220) (Version:  - Knuckle Cracker)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3131 - CyberLink Corp.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.41 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.92 - Dell)
Dell System Detect - 1  (HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell System Detect (HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Earth 2160 (HKLM-x32\...\Steam App 1900) (Version:  - Reality Pump Studios)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Free Video Editor version 1.4.8.1122 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.8.1122 - DVDVideoSoft Ltd.)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
GameRanger (HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM-x32\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
Icewind Dale: Enhanced Edition (HKLM-x32\...\Steam App 321800) (Version:  - Beamdog)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Network Connections 14.8.43.0 (HKLM\...\PROSetDX) (Version: 14.8.43.0 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Job-Kontact 4.0  4.0 (HKLM-x32\...\{80E9FA05-21C2-4CF9-83D6-7FC847A5D051}) (Version:  - VAB Teamwork)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Mad Games Tycoon (HKLM-x32\...\Steam App 341000) (Version:  - Eggcode)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Nero 9 Essentials (HKLM-x32\...\{33afbe90-291a-4e49-b49b-2be6880f3deb}) (Version:  - Nero AG)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5738 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
OSD Setup (HKLM-x32\...\{98E5A0C3-86ED-4429-9386-F0DB49E958EA}) (Version: 1.1.0 - MyOSD)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars Galaxies (HKLM-x32\...\{88038160-9BCB-47BE-A5C3-5CE2DC115509}) (Version: 1.00.000 - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
SWGEmu Launchpad (HKLM-x32\...\{37A10E4F-B984-462D-A33E-6C3D74CB1299}) (Version: 0.22 - SWGEmu)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.15.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.1 - Synthesia LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9603 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - Egosoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-06-10 19:13 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15463 zusätzliche Einträge.


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {079A9927-808B-4792-8873-7A16D5D224DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {0F01B2AC-6866-48BA-81A9-9C0D5C3C3795} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {1AD41821-6A5E-4B0A-A642-23854111DEBD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E1BF4B1-291F-473C-9D7F-C1C04A03E3B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {61886440-BBEC-4370-9B65-90A48033A7F7} - System32\Tasks\{342D7DD1-1370-41F8-AFB6-1A6AD90E5D6F} => C:\Program Files (x86)\CCP\EVE\eve.exe
Task: {62040944-7848-4146-83B6-957E0D616295} - System32\Tasks\Games\UpdateCheck_S-1-5-21-982091520-1237619290-1058120956-1001
Task: {88EBFABA-7A88-4102-9F34-F5B1F9389636} - System32\Tasks\{4CAC1B7F-BB27-4CCF-BFC1-5FF527908E09} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\Dark Age of Camelot\uninstDAOC.exe"
Task: {92231DF2-5836-4398-84E7-A764FE1546AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {A10138D3-74E2-4C2B-9242-59BB64244D83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {B243C96E-0F83-482B-8D5E-9F77AC344D22} - System32\Tasks\{6DF8DC57-3633-428F-8C5C-901D61DFB9FE} => C:\Program Files (x86)\DAoC Portal\Portal.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-02 20:20 - 2013-05-14 10:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-05-25 01:30 - 2010-02-11 17:39 - 00161736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
2010-05-25 01:29 - 2010-02-11 17:56 - 00415040 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2009-12-19 19:38 - 2009-12-19 19:38 - 00094536 _____ () C:\Windows\system32\FAIEExtension.DLL
2015-05-15 09:39 - 2015-05-15 09:39 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-15 09:39 - 2015-05-15 09:39 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-07 14:01 - 2015-11-07 14:01 - 02990592 _____ () C:\Program Files\AVAST Software\Avast\defs\15110700\algo.dll
2015-11-08 17:14 - 2015-11-08 17:14 - 02990592 _____ () C:\Program Files\AVAST Software\Avast\defs\15110800\algo.dll
2015-06-10 17:31 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-10 17:31 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-06-10 17:31 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-06-10 17:31 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-06-10 17:31 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-05-25 01:29 - 2010-02-17 22:36 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-05-25 01:29 - 2010-02-11 17:52 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-05-25 01:29 - 2010-02-11 17:53 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2015-05-15 09:39 - 2015-05-15 09:39 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-20 18:27 - 2015-10-05 17:18 - 00778752 _____ () c:\Program Files (x86)\Steam\SDL2.dll
2015-02-09 18:51 - 2015-07-03 17:12 - 04962816 _____ () c:\Program Files (x86)\Steam\v8.dll
2015-02-09 18:51 - 2015-07-03 17:12 - 01556992 _____ () c:\Program Files (x86)\Steam\icui18n.dll
2015-02-09 18:51 - 2015-07-03 17:12 - 01187840 _____ () c:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 20:12 - 2015-11-05 17:44 - 02541648 _____ () c:\Program Files (x86)\Steam\video.dll
2014-09-30 17:48 - 2015-09-24 01:33 - 02549248 _____ () c:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-30 17:48 - 2015-09-24 01:33 - 00442880 _____ () c:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-30 17:48 - 2015-09-24 01:33 - 00491008 _____ () c:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-30 17:48 - 2015-09-24 01:33 - 00332800 _____ () c:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-30 17:48 - 2015-09-24 01:33 - 00485888 _____ () c:\Program Files (x86)\Steam\libswscale-3.dll
2014-05-20 18:27 - 2015-11-05 17:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 13:25 - 2015-11-03 23:00 - 00201728 _____ () c:\Program Files (x86)\Steam\bin\openvr_api.dll
2014-05-20 18:27 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-09 18:51 - 2015-09-25 00:56 - 00119208 _____ () c:\Program Files (x86)\Steam\winh264.dll
2015-10-31 11:33 - 2015-10-20 15:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-31 11:33 - 2015-10-20 15:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-31 11:33 - 2015-10-20 15:08 - 16493384 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE trusted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-982091520-1237619290-1058120956-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-982091520-1237619290-1058120956-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Noaphiel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AlienFusionService => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HappyOSD => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: AlienFX Controller => "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
MSCONFIG\startupreg: BDRegion => c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Noaphiel\AppData\Local\Apps\2.0\BW5GEHGP.GPT\2ORY6DGY.99Q\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: PDVD8LanguageShortcut => "c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl8 => "c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UCam_Menu => "c:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B0EDE56C-0D12-4103-8331-5EEBA302AC2F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{5F92CA6B-2861-4FD8-A338-2A4EB0CFE7EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6B0DD4A6-DA9A-44B5-BCAC-91DB2A9AB556}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1CE1A9BD-863D-4271-96C5-49FE8598A703}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E6DA7B9-7011-4C85-A243-821E889888CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FEE11F6A-E397-41BC-A377-A51DA42952EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{B87B5D09-2651-4894-9F4E-0A06436EFD60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [TCP Query User{34897CAD-8656-47D7-A733-F0666211A15B}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{D333AF30-28B0-44D3-9440-85F39A0A7C15}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{8F9943D2-608D-422C-8F13-BD429B09C6C1}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{3AE98296-91B6-438E-AD22-16665EB9D5C9}] => (Allow) C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe
FirewallRules: [{C6DD4203-B5B9-49B2-8E8C-9F8E6F47F9B5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A724BDF1-C940-4C07-837B-6F1A9C6A5BEF}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E472B713-6526-4EDD-95BB-1AF50CE47CD1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D9AC356A-68AE-4ABA-BFF9-027FF679AEEC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2D95858-F42C-41CA-BF5C-FD1C82D5A9EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\x3 terran conflict\X3AP.exe
FirewallRules: [{4AFE8F43-04C9-490F-8425-43131B763471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\x3 terran conflict\X3AP.exe
FirewallRules: [TCP Query User{9C7D198F-CE92-4667-AD58-EA5B6BCE3E39}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{2D8DEFE9-32F0-4C25-A6AD-2510D3DFD52F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{C05ED7CB-E84A-4C3A-BF45-E8E5E7D95F13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{F6F722AB-32E5-4840-AEAA-1818037319E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{B04FC5CA-E3E1-4625-8B20-AD0D9C067781}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2E4F7478-A39D-401A-8DF8-39A483A305D5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7DE402C3-8E37-402C-9507-1E176DDAE0F3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{1A25DD6D-5E50-467A-AC1D-373680E2AA88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{054B6923-EE35-4CA0-B989-8D330AACF0C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{41303E99-D313-4A65-A66B-78A991C4BAA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B72238C2-BB01-4968-9F06-227359C9C2C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{B0F19742-1F0B-4C1E-963A-59AA5AE47F80}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{805EB60C-004B-4D3B-9F1A-499EC718EBC8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{B220F7C4-6B56-4369-850B-996A254F1FA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{9D30852E-8302-45CD-8FAD-A7E66B26BB7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{9B50B4D6-CD57-4AF3-A084-C79C02011C8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{12D44227-5F3A-4CE4-BF92-2E6928B03267}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{684DDCC5-6BF9-4600-B654-02E55658929C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{C3118A4A-7D4E-4949-9459-5DDAA469DDB5}C:\program files (x86)\sony\station\launchpad\launchpad.exe] => (Block) C:\program files (x86)\sony\station\launchpad\launchpad.exe
FirewallRules: [UDP Query User{7CF2BCCA-4D8A-4AA6-BC64-B608315F66A7}C:\program files (x86)\sony\station\launchpad\launchpad.exe] => (Block) C:\program files (x86)\sony\station\launchpad\launchpad.exe
FirewallRules: [{50E04456-9E4A-412C-8E76-1042BA87A38E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{BC6DC12B-4EA8-4EE6-B3A5-9F013CA1160B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [TCP Query User{58AEF931-288A-4A60-8066-555A6A2207D1}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [UDP Query User{7B29C3C4-C510-4B8F-940B-85A4A32D7454}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{6D47D7E4-074C-4573-BD9A-37DD1355BEE6}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{93B76F05-1DE3-413F-BE06-DF0C76D04069}C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{9FD2D621-8EB2-435F-94A9-A2E210DD7369}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2C3E4927-5605-4912-906C-B2ADBBE9A380}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{ACF0BC2D-9869-472E-A9DB-3E214D9BB11C}C:\users\noaphiel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\noaphiel\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6308C739-D498-4C33-9EBD-1742D2A69C3C}C:\users\noaphiel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\noaphiel\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2EA7C6F5-CEF1-41D3-BFB4-6B2B0160A5A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{27B4EF1E-0CF7-466A-9CD9-7ECBD6317665}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{607E6F88-6692-44BE-A0EF-69ED49B5DA0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Creeper World 3\CW3.exe
FirewallRules: [{311EE9F3-B908-4DF9-A7EA-97CFD4CAE9A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Creeper World 3\CW3.exe
FirewallRules: [{0DAC371E-5C84-474D-94AF-374E1A138C1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{193AD1FC-B732-4CC0-9192-3F7A423C5936}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{B387E925-8D5D-4336-BB25-6A6AB11C4516}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{1014771C-07D2-431B-A62F-9F1D5B148A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3.exe
FirewallRules: [{9128CF69-5597-4166-9F64-C5645AAC3286}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{7BA59923-0E6D-4913-AABA-9A502FA06971}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AoW3\AoW3_Debug.exe
FirewallRules: [TCP Query User{73B21B6D-B24B-4003-863A-2C59E928AA1C}C:\users\noaphiel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\noaphiel\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{9632FD46-AC63-4F5A-AF35-943C7B73EEDF}C:\users\noaphiel\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\noaphiel\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B92611F6-0A8B-49D4-841F-6AF38E50D007}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{3A9FD939-C5BF-4B95-B01D-1EFB981201B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold\Stronghold.exe
FirewallRules: [{07070E4A-8CE2-4D00-92FB-EF274DE8BB2C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{987169A8-6884-4696-98B2-1E7828FDAC73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{16989191-0CF8-4D66-A543-65F05169DE62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Earth 2160\Earth2160_START.exe
FirewallRules: [{2E00F61F-F174-4BE3-B269-4B9D40E6A15F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Earth 2160\Earth2160_START.exe
FirewallRules: [{0F0AFF5E-4E87-461A-B58D-923CB2EB3707}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Earth 2160\Earth2160Editor_START.exe
FirewallRules: [{9573F76F-BC17-4D29-9240-D6C5074AF1E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Earth 2160\Earth2160Editor_START.exe
FirewallRules: [{623E0C62-3902-41A5-A652-B34239499A33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{EA40946E-04F4-4C2F-8A19-25344526833E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [TCP Query User{7AE33EE4-85A4-448B-8348-715001663AFD}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{044528A4-F719-497C-A2CC-66B572AA4593}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [TCP Query User{E6ADE3F6-3638-46AB-97F4-46F5DED8C5B0}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{5280E566-B988-4918-B3C4-EDE152322AB9}C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [{F7B8A19D-FCA4-49F3-9BEA-DF34B8D8692F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{AE8B74A0-DA30-4AE7-AAC5-EEDC2D8DCC9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Games Tycoon\MadGamesTycoon.exe
FirewallRules: [{EAB4B106-F9DB-469E-8A86-B466E8F9E32E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{E05AD983-6A19-41CE-BE68-C35B850874D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [TCP Query User{406EDFD5-C69C-446B-81AF-18E7BE7C910A}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [UDP Query User{0ECA59AC-1AB8-4942-83A6-6AA2E17ACF04}C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war for the overworld\wftogame.exe
FirewallRules: [{21222BDF-38FC-475B-98BD-99C2090E3621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{18C7EA78-3706-4E28-AABC-66D3E2CEB5B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Game of Thrones\Thrones.exe
FirewallRules: [{7BBD4C93-E490-4FF8-8651-3B818DFBC51C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4D101062-2CB5-44EC-9C9A-2DE354BFA2FA}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{8EB6AD42-1EEA-4E82-953A-22C72367A577}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8D90439E-FB2C-499C-806D-1E24202F0838}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F61BDF8F-8498-467E-B0E5-39D0160C50A2}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1FB1E106-4CAF-4E5A-81F9-87361720C7C4}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D78391E8-9519-4A46-A614-ECAD546541B8}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{EAAB3980-0EF7-454C-8E91-D21D447FA80F}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D6BD6BA2-E7AC-4727-977F-D78F6AA1C58E}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DA36E14F-F077-492E-A92A-CB90CCEFE40C}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4A8BA4CE-F4E2-4E0C-9144-33A09831AA62}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{8D8A74D3-40D7-48D8-AF28-9A89AB364F2A}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{3C3FB1F5-A0C0-4FC8-BD30-54478EC09948}] => (Allow) c:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/08/2015 05:43:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/08/2015 05:30:58 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to copy new service file to temp location

Error: (11/08/2015 05:13:39 PM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4464) Windows: Die Shadowkopfzeile für Datei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk konnte nicht geschrieben werden. Fehler -1032.

Error: (11/08/2015 05:13:39 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4464) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (11/07/2015 07:48:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16c4

Startzeit: 01d1198c3ef29554

Endzeit: 202

Anwendungspfad: c:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe

Berichts-ID:

Error: (11/07/2015 10:31:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (11/06/2015 06:58:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (10/26/2015 07:00:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (10/22/2015 03:57:35 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (10/19/2015 05:15:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005


Systemfehler:
=============
Error: (11/08/2015 05:31:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/08/2015 05:30:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/08/2015 05:30:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (11/08/2015 05:30:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/08/2015 05:30:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (11/08/2015 12:17:29 AM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (11/07/2015 07:33:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/07/2015 07:33:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/07/2015 03:27:19 PM) (Source: volsnap) (EventID: 14) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (11/07/2015 10:01:04 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 820 @ 1.73GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 4084.5 MB
Verfügbarer physikalischer RAM: 2247.75 MB
Summe virtueller Speicher: 8167.19 MB
Verfügbarer virtueller Speicher: 5748.52 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:36.64 GB) NTFS
Drive e: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 079EAB29)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 982.5 MB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-08 20:48:24
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST925041 rev.D004 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Noaphiel\AppData\Local\Temp\kxdiikoc.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17         0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17           0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17         0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42         0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17            0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17     0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17            0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17     0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17           0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17         0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17           0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17              0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17           0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17         0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20     0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe[444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31     0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                 0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                   0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                 0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                 0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                    0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17             0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                    0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17             0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                   0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                        0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                 0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                   0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                      0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                   0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                 0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20             0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[3092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31             0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17        0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17          0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17        0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42        0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17           0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17    0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17           0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17    0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17          0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17               0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17        0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17          0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17             0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17          0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17        0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20    0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe[3672] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31    0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe[3700] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                 0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                   0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                 0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                 0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                    0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17             0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                    0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17             0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                   0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                        0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                 0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                   0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                      0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                   0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                 0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20             0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Noaphiel\AppData\Local\Akamai\netsession_win.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31             0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                    0000000076d98769 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                         0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                           0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                         0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                         0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                            0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                     0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                            0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                     0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                           0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                         0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                           0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                              0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                           0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                         0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                     0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[4132] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                     0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                    0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                      0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                    0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                    0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                       0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                       0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                      0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                           0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                    0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                      0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                         0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                      0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                    0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\Steam.exe[1272] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                       0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                         0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                       0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                       0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                          0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                   0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                          0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                   0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                         0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                              0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                       0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                         0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                            0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                         0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                       0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                   0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                   0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                  0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                   0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17            0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                   0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17            0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                  0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                       0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                  0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                     0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                  0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20            0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Steam\SteamService.exe[3768] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31            0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5                      0000000077dff9ad 7 bytes {MOV EDX, 0x25eae8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenKey + 5                                   0000000077dffa29 7 bytes {MOV EDX, 0x25e9a8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtCreateKey + 5                                 0000000077dffb41 7 bytes {MOV EDX, 0x25e968; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5                           0000000077dffbf1 7 bytes {MOV EDX, 0x25eb28; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcess + 5                               0000000077dffc21 7 bytes {MOV EDX, 0x25ea68; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5                        0000000077dffc39 7 bytes {MOV EDX, 0x25e928; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5                          0000000077dffc51 7 bytes {MOV EDX, 0x25ebe8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5                        0000000077dffc81 7 bytes {MOV EDX, 0x25ec28; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5                         0000000077dffd01 7 bytes {MOV EDX, 0x25eba8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5                        0000000077dffd19 7 bytes {MOV EDX, 0x25eb68; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5                                  0000000077dffd65 7 bytes {MOV EDX, 0x25e868; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5                       0000000077dffe5d 7 bytes {MOV EDX, 0x25e8a8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5                                0000000077e000b5 7 bytes {MOV EDX, 0x25e828; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenKeyEx + 5                                 0000000077e01019 7 bytes {MOV EDX, 0x25e9e8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5                          0000000077e010c1 7 bytes {MOV EDX, 0x25eaa8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtOpenThread + 5                                0000000077e01139 7 bytes {MOV EDX, 0x25ea28; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5                   0000000077e0133d 7 bytes {MOV EDX, 0x25e8e8; JMP RDX}
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                       0000000075d31401 2 bytes JMP 76dbb1ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                         0000000075d31419 2 bytes JMP 76dbb31a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                       0000000075d31431 2 bytes JMP 76e38f09 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                       0000000075d3144a 2 bytes CALL 76d94885 C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                     * 9
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                          0000000075d314dd 2 bytes JMP 76e38802 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                   0000000075d314f5 2 bytes JMP 76e389d8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                          0000000075d3150d 2 bytes JMP 76e386f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                   0000000075d31525 2 bytes JMP 76e38ac2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                         0000000075d3153d 2 bytes JMP 76dafc78 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                              0000000075d31555 2 bytes JMP 76db68bf C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                       0000000075d3156d 2 bytes JMP 76e38fc1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                         0000000075d31585 2 bytes JMP 76e38b22 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                            0000000075d3159d 2 bytes JMP 76e386bc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                         0000000075d315b5 2 bytes JMP 76dafd11 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                       0000000075d315cd 2 bytes JMP 76dbb2b0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                   0000000075d316b2 2 bytes JMP 76e38e84 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2736] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                   0000000075d316bd 2 bytes JMP 76e38651 C:\Windows\syswow64\kernel32.dll

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\70f1a1670be8                                                             
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\70f1a1670be8 (not active ControlSet)
Zu dem letzten Log ist zu sagen, dass GMER in der letzten Zeile aufhörte zu arbeiten.

Danke im Vorraus,
Zachariel

 

Themen zu Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last
adobe, akamai, amplitude, antivirus, avast, canon, cpu, cracker, defender, device driver, dnsapi.dll, explorer, failed, flash player, google, home, launch, problem, prozesse, registry, rundll, scan, security, services.exe, software, svchost.exe, system, tastatur, temp, udp, windows


« (Möglicherweise) infizierte Datei in Temp-Ordner | .vault Virus verschlüsselte Dateien kein BTC verwendbar »


Ähnliche Themen: Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last


  1. PC reagiert nur noch extrem verzögert oder gar nicht
    Plagegeister aller Art und deren Bekämpfung - 03.11.2015 (5)
  2. Lüfter läuft permanent
    Plagegeister aller Art und deren Bekämpfung - 19.08.2015 (6)
  3. Windows XP lädt sehr langsam ,verzögert, teilweise reagiert es nicht
    Plagegeister aller Art und deren Bekämpfung - 04.08.2015 (11)
  4. Windows 8 mit Power 8 Startmenü Ersatz : Laptop lüftet permanent extrem laut, Office Programme insbes. word agieren verzögert auf Eingaben
    Log-Analyse und Auswertung - 28.01.2015 (25)
  5. Win7 neu aufgesetzt - Windows reagiert verzögert, Browser laden Seiten extrem langsam, Downloads brechen ab oder dauern ewig
    Alles rund um Windows - 23.12.2014 (10)
  6. Windows 8.1 neuer Laptop CPu auslastung bei allem zu hoch Tastatur reagiert sehr spät
    Plagegeister aller Art und deren Bekämpfung - 23.12.2014 (4)
  7. Touchpad reagiert nicht mehr und Tastatureingabe verzögert -ist das ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 01.12.2014 (1)
  8. Lüfter laufen nach herunterfahren von Windows weiter | Viele Fehler in der Ereignisanzeige | Read error
    Plagegeister aller Art und deren Bekämpfung - 17.10.2014 (4)
  9. Windows XP: PC reagiert stark verzögert und ist extremst langsam
    Log-Analyse und Auswertung - 10.08.2014 (22)
  10. Laptop reagiert verzögert, teilweise gar nicht
    Plagegeister aller Art und deren Bekämpfung - 15.02.2014 (10)
  11. Windows XP : Pc reagiert extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 21.11.2013 (7)
  12. Laptop reagiert verzögert
    Plagegeister aller Art und deren Bekämpfung - 26.07.2013 (13)
  13. Windows 8 Startprobleme, reagiert nicht auf Maus und Tastatur.
    Alles rund um Windows - 09.05.2013 (8)
  14. Windows Vista reagiert verzögert
    Log-Analyse und Auswertung - 10.02.2011 (26)
  15. Tastatur verzögert
    Log-Analyse und Auswertung - 14.05.2008 (0)
  16. Explorer öffnet sich ohne Aufforderung, Tastatur reagiert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 14.12.2004 (3)
  17. neuer Rechner -> Nur Lüfter laufen!!
    Netzwerk und Hardware - 09.10.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last - Guten Tag, seit ca. 2 Tagen habe ich ein Problem mit meinem Notebook. Meine Tastatur reagiert extrem verzögert und/oder gar nicht. Es wirkt fast so, als gebe es nur bestimmte - Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last...
Archiv
Du betrachtest: Windows 7, Tastatur reagiert extrem verzögert, Lüfter laufen permanent auf Anschlag ohne Last auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131