Viren, Spyware, Datenschutz 11.241 Themen, 94.650 Beiträge

Verfolgung starten Optionen

Computer mit Rootkit infiziert??

tocksick / 11 Antworten / Flachansicht Nickles

Antivir hat nichts als Virus/trojaner etc gefunden. Spybot meldet auch nichts. System ist auf dem aktuellsten Stand. Windows XP SP3

>SSDT State
NtCreateKey
Actual Address 0xB86D54AE
Hooked by: Unknown module filename

NtCreateThread
Actual Address 0xB86D54A4
Hooked by: Unknown module filename

NtDeleteKey
Actual Address 0xB86D54B3
Hooked by: Unknown module filename

NtDeleteValueKey
Actual Address 0xB86D54BD
Hooked by: Unknown module filename

NtEnumerateKey
Actual Address 0xB7EC5CA4
Hooked by: spuo.sys

NtEnumerateValueKey
Actual Address 0xB7EC6032
Hooked by: spuo.sys

NtLoadKey
Actual Address 0xB86D54C2
Hooked by: Unknown module filename

NtOpenKey
Actual Address 0xB7EA70C0
Hooked by: spuo.sys

NtOpenProcess
Actual Address 0xB86D5490
Hooked by: Unknown module filename

NtOpenThread
Actual Address 0xB86D5495
Hooked by: Unknown module filename

NtQueryKey
Actual Address 0xB7EC610A
Hooked by: spuo.sys

NtQueryValueKey
Actual Address 0xB7EC5F8A
Hooked by: spuo.sys

NtReplaceKey
Actual Address 0xB86D54CC
Hooked by: Unknown module filename

NtRestoreKey
Actual Address 0xB86D54C7
Hooked by: Unknown module filename

NtSetValueKey
Actual Address 0xB86D54B8
Hooked by: Unknown module filename

NtTerminateProcess
Actual Address 0xB86D549F
Hooked by: Unknown module filename

>Shadow
>Processes
>Drivers
>Stealth
>Files
>Hooks
ntkrnlpa.exe+0x0002D5E8, Type: Inline - PushRet at address 0x805045E8 hook handler located in [unknown_code_page]
[1236]TeamSpeak.exe-->kernel32.dll-->CreateMutexA, Type: Inline - DirectJump at address 0x7C80E9DF hook handler located in [unknown_code_page]
[1236]TeamSpeak.exe-->kernel32.dll-->LoadLibraryExW, Type: Inline - DirectJump at address 0x7C801AF5 hook handler located in [unknown_code_page]
[1452]winlogon.exe-->ws2_32.dll-->getaddrinfo, Type: IAT modification at address 0x01001A28 hook handler located in [ws2_32.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001251, Type: Inline - RelativeCall at address 0x01FE1251 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000012A8, Type: Inline - PushRet at address 0x01FE12A8 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000012BA, Type: Inline - RelativeCall at address 0x01FE12BA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000012C2, Type: Inline - RelativeCall at address 0x01FE12C2 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001336, Type: Inline - PushRet at address 0x01FE1336 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001350, Type: Inline - RelativeCall at address 0x01FE1350 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000135D, Type: Inline - RelativeCall at address 0x01FE135D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001368, Type: Inline - RelativeCall at address 0x01FE1368 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001375, Type: Inline - RelativeCall at address 0x01FE1375 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001380, Type: Inline - PushRet at address 0x01FE1380 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001388, Type: Inline - PushRet at address 0x01FE1388 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001406, Type: Inline - RelativeJump at address 0x01FE1406 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000014BA, Type: Inline - RelativeJump at address 0x01FE14BA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000014C3, Type: Inline - RelativeJump at address 0x01FE14C3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000014CC, Type: Inline - RelativeCall at address 0x01FE14CC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001513, Type: Inline - DirectCall at address 0x01FE1513 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001515, Type: Inline - RelativeJump at address 0x01FE1515 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000154F, Type: Inline - RelativeCall at address 0x01FE154F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000156F, Type: Inline - RelativeJump at address 0x01FE156F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001604, Type: Inline - RelativeJump at address 0x01FE1604 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000160C, Type: Inline - RelativeJump at address 0x01FE160C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001614, Type: Inline - RelativeCall at address 0x01FE1614 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001653, Type: Inline - DirectCall at address 0x01FE1653 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000165A, Type: Inline - RelativeCall at address 0x01FE165A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000166B, Type: Inline - RelativeCall at address 0x01FE166B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001677, Type: Inline - RelativeCall at address 0x01FE1677 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001692, Type: Inline - PushRet at address 0x01FE1692 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000016AB, Type: Inline - RelativeCall at address 0x01FE16AB hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000016B6, Type: Inline - RelativeCall at address 0x01FE16B6 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000016C1, Type: Inline - RelativeCall at address 0x01FE16C1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000016E0, Type: Inline - PushRet at address 0x01FE16E0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000017FC, Type: Inline - RelativeJump at address 0x01FE17FC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001806, Type: Inline - RelativeCall at address 0x01FE1806 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001811, Type: Inline - RelativeCall at address 0x01FE1811 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001859, Type: Inline - RelativeCall at address 0x01FE1859 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000187F, Type: Inline - RelativeCall at address 0x01FE187F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000188C, Type: Inline - RelativeCall at address 0x01FE188C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000019A5, Type: Inline - PushRet at address 0x01FE19A5 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000019D3, Type: Inline - RelativeCall at address 0x01FE19D3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000019DC, Type: Inline - PushRet at address 0x01FE19DC hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001A2E, Type: Inline - PushRet at address 0x01FE1A2E hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001AD6, Type: Inline - PushRet at address 0x01FE1AD6 hook handler located in [AdvrCntr2.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001AE1, Type: Inline - PushRet at address 0x01FE1AE1 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001AE4, Type: Inline - RelativeJump at address 0x01FE1AE4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001AEC, Type: Inline - PushRet at address 0x01FE1AEC hook handler located in [AdvrCntr2.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001B37, Type: Inline - DirectCall at address 0x01FE1B37 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001BD2, Type: Inline - PushRet at address 0x01FE1BD2 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001BD4, Type: Inline - RelativeCall at address 0x01FE1BD4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001BE4, Type: Inline - DirectCall at address 0x01FE1BE4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001C7F, Type: Inline - PushRet at address 0x01FE1C7F hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001C81, Type: Inline - RelativeCall at address 0x01FE1C81 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001CC4, Type: Inline - DirectCall at address 0x01FE1CC4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001CD8, Type: Inline - PushRet at address 0x01FE1CD8 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001CDA, Type: Inline - RelativeCall at address 0x01FE1CDA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001D30, Type: Inline - PushRet at address 0x01FE1D30 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001D33, Type: Inline - RelativeCall at address 0x01FE1D33 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001D77, Type: Inline - DirectCall at address 0x01FE1D77 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001D8B, Type: Inline - PushRet at address 0x01FE1D8B hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001D8D, Type: Inline - RelativeCall at address 0x01FE1D8D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001DD0, Type: Inline - DirectCall at address 0x01FE1DD0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001DE4, Type: Inline - PushRet at address 0x01FE1DE4 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001DE6, Type: Inline - RelativeCall at address 0x01FE1DE6 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001E3C, Type: Inline - PushRet at address 0x01FE1E3C hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001E3F, Type: Inline - RelativeCall at address 0x01FE1E3F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001E82, Type: Inline - DirectCall at address 0x01FE1E82 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001E96, Type: Inline - PushRet at address 0x01FE1E96 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00001E98, Type: Inline - RelativeCall at address 0x01FE1E98 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00002470, Type: Inline - RelativeCall at address 0x01FE2470 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000249D, Type: Inline - RelativeCall at address 0x01FE249D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00002661, Type: Inline - PushRet at address 0x01FE2661 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000266B, Type: Inline - RelativeCall at address 0x01FE266B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00002D2A, Type: Inline - DirectCall at address 0x01FE2D2A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00002D38, Type: Inline - PushRet at address 0x01FE2D38 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00002DD5, Type: Inline - RelativeJump at address 0x01FE2DD5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003128, Type: Inline - PushRet at address 0x01FE3128 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000312A, Type: Inline - PushRet at address 0x01FE312A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003131, Type: Inline - PushRet at address 0x01FE3131 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003141, Type: Inline - RelativeCall at address 0x01FE3141 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000314A, Type: Inline - PushRet at address 0x01FE314A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003472, Type: Inline - RelativeCall at address 0x01FE3472 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003478, Type: Inline - RelativeCall at address 0x01FE3478 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003481, Type: Inline - RelativeCall at address 0x01FE3481 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000352F, Type: Inline - PushRet at address 0x01FE352F hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000035B1, Type: Inline - PushRet at address 0x01FE35B1 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003647, Type: Inline - RelativeCall at address 0x01FE3647 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000364E, Type: Inline - RelativeCall at address 0x01FE364E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000038CC, Type: Inline - RelativeJump at address 0x01FE38CC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003A05, Type: Inline - PushRet at address 0x01FE3A05 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003AAD, Type: Inline - RelativeCall at address 0x01FE3AAD hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003AB7, Type: Inline - RelativeCall at address 0x01FE3AB7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003AC0, Type: Inline - SEH at address 0x01FE3AC0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003B39, Type: Inline - PushRet at address 0x01FE3B39 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003BC9, Type: Inline - PushRet at address 0x01FE3BC9 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003C0F, Type: Inline - PushRet at address 0x01FE3C0F hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003C19, Type: Inline - RelativeCall at address 0x01FE3C19 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003FA4, Type: Inline - PushRet at address 0x01FE3FA4 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003FAC, Type: Inline - RelativeJump at address 0x01FE3FAC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003FBD, Type: Inline - PushRet at address 0x01FE3FBD hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00003FC3, Type: Inline - RelativeCall at address 0x01FE3FC3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004074, Type: Inline - PushRet at address 0x01FE4074 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004107, Type: Inline - RelativeJump at address 0x01FE4107 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004201, Type: Inline - PushRet at address 0x01FE4201 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000042A5, Type: Inline - RelativeCall at address 0x01FE42A5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000042AD, Type: Inline - RelativeCall at address 0x01FE42AD hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004310, Type: Inline - RelativeCall at address 0x01FE4310 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004361, Type: Inline - RelativeCall at address 0x01FE4361 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000044C5, Type: Inline - RelativeCall at address 0x01FE44C5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000044DE, Type: Inline - PushRet at address 0x01FE44DE hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000044E0, Type: Inline - RelativeCall at address 0x01FE44E0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000044EC, Type: Inline - RelativeCall at address 0x01FE44EC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000045E6, Type: Inline - RelativeCall at address 0x01FE45E6 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000045F1, Type: Inline - RelativeCall at address 0x01FE45F1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000045FC, Type: Inline - RelativeJump at address 0x01FE45FC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004D7D, Type: Inline - PushRet at address 0x01FE4D7D hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004D7E, Type: Inline - RelativeCall at address 0x01FE4D7E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004F8E, Type: Inline - PushRet at address 0x01FE4F8E hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00004F96, Type: Inline - PushRet at address 0x01FE4F96 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000050C1, Type: Inline - RelativeJump at address 0x01FE50C1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005159, Type: Inline - RelativeJump at address 0x01FE5159 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000526A, Type: Inline - RelativeJump at address 0x01FE526A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005302, Type: Inline - SEH at address 0x01FE5302 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005303, Type: Inline - RelativeJump at address 0x01FE5303 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000054D0, Type: Inline - PushRet at address 0x01FE54D0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000554C, Type: Inline - RelativeCall at address 0x01FE554C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000565E, Type: Inline - RelativeCall at address 0x01FE565E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005799, Type: Inline - RelativeJump at address 0x01FE5799 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005A29, Type: Inline - PushRet at address 0x01FE5A29 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005ABE, Type: Inline - RelativeCall at address 0x01FE5ABE hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005B0C, Type: Inline - PushRet at address 0x01FE5B0C hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005C21, Type: Inline - RelativeCall at address 0x01FE5C21 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005CF3, Type: Inline - RelativeCall at address 0x01FE5CF3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005CFF, Type: Inline - PushRet at address 0x01FE5CFF hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005ECA, Type: Inline - RelativeCall at address 0x01FE5ECA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005F9A, Type: Inline - RelativeCall at address 0x01FE5F9A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00005FE9, Type: Inline - RelativeCall at address 0x01FE5FE9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006049, Type: Inline - RelativeCall at address 0x01FE6049 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006053, Type: Inline - RelativeCall at address 0x01FE6053 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006063, Type: Inline - RelativeCall at address 0x01FE6063 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000606B, Type: Inline - RelativeCall at address 0x01FE606B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006073, Type: Inline - RelativeCall at address 0x01FE6073 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000060C4, Type: Inline - RelativeCall at address 0x01FE60C4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000060CB, Type: Inline - PushRet at address 0x01FE60CB hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000060D7, Type: Inline - RelativeCall at address 0x01FE60D7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006399, Type: Inline - RelativeCall at address 0x01FE6399 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000063A1, Type: Inline - RelativeCall at address 0x01FE63A1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000063A9, Type: Inline - RelativeCall at address 0x01FE63A9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000645A, Type: Inline - PushRet at address 0x01FE645A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000646B, Type: Inline - PushRet at address 0x01FE646B hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000065C3, Type: Inline - RelativeCall at address 0x01FE65C3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006710, Type: Inline - RelativeCall at address 0x01FE6710 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006718, Type: Inline - RelativeCall at address 0x01FE6718 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006724, Type: Inline - RelativeJump at address 0x01FE6724 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006753, Type: Inline - PushRet at address 0x01FE6753 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000675F, Type: Inline - PushRet at address 0x01FE675F hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000689E, Type: Inline - SEH at address 0x01FE689E hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000068DE, Type: Inline - RelativeCall at address 0x01FE68DE hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006BA3, Type: Inline - RelativeCall at address 0x01FE6BA3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00006C98, Type: Inline - PushRet at address 0x01FE6C98 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000073E7, Type: Inline - PushRet at address 0x01FE73E7 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000073EA, Type: Inline - RelativeCall at address 0x01FE73EA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000073FB, Type: Inline - PushRet at address 0x01FE73FB hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000762C, Type: Inline - RelativeCall at address 0x01FE762C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007641, Type: Inline - RelativeJump at address 0x01FE7641 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007646, Type: Inline - RelativeJump at address 0x01FE7646 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000076B7, Type: Inline - RelativeCall at address 0x01FE76B7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000076C3, Type: Inline - DirectCall at address 0x01FE76C3 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000076ED, Type: Inline - RelativeCall at address 0x01FE76ED hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000076F2, Type: Inline - RelativeCall at address 0x01FE76F2 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007722, Type: Inline - PushRet at address 0x01FE7722 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007878, Type: Inline - RelativeJump at address 0x01FE7878 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000078FC, Type: Inline - RelativeCall at address 0x01FE78FC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007904, Type: Inline - RelativeCall at address 0x01FE7904 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007919, Type: Inline - RelativeCall at address 0x01FE7919 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007982, Type: Inline - RelativeCall at address 0x01FE7982 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007995, Type: Inline - RelativeJump at address 0x01FE7995 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000079E5, Type: Inline - RelativeCall at address 0x01FE79E5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007BA3, Type: Inline - RelativeJump at address 0x01FE7BA3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007BE5, Type: Inline - RelativeJump at address 0x01FE7BE5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007DB7, Type: Inline - RelativeJump at address 0x01FE7DB7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00007DC4, Type: Inline - RelativeJump at address 0x01FE7DC4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000809D, Type: Inline - RelativeJump at address 0x01FE809D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000818A, Type: Inline - RelativeCall at address 0x01FE818A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008197, Type: Inline - RelativeCall at address 0x01FE8197 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000082A3, Type: Inline - RelativeCall at address 0x01FE82A3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000082B3, Type: Inline - RelativeJump at address 0x01FE82B3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000082BC, Type: Inline - RelativeJump at address 0x01FE82BC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000082C7, Type: Inline - RelativeJump at address 0x01FE82C7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000836A, Type: Inline - RelativeCall at address 0x01FE836A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000861B, Type: Inline - RelativeCall at address 0x01FE861B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008862, Type: Inline - RelativeJump at address 0x01FE8862 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008A33, Type: Inline - RelativeJump at address 0x01FE8A33 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008A46, Type: Inline - RelativeCall at address 0x01FE8A46 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008A7D, Type: Inline - RelativeJump at address 0x01FE8A7D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008A8F, Type: Inline - RelativeJump at address 0x01FE8A8F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008ABB, Type: Inline - RelativeCall at address 0x01FE8ABB hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008DBA, Type: Inline - RelativeCall at address 0x01FE8DBA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00008DC1, Type: Inline - RelativeCall at address 0x01FE8DC1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009012, Type: Inline - RelativeCall at address 0x01FE9012 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000090E3, Type: Inline - PushRet at address 0x01FE90E3 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000090E4, Type: Inline - RelativeCall at address 0x01FE90E4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009171, Type: Inline - RelativeCall at address 0x01FE9171 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009178, Type: Inline - RelativeCall at address 0x01FE9178 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000092DF, Type: Inline - PushRet at address 0x01FE92DF hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009316, Type: Inline - RelativeJump at address 0x01FE9316 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000093F6, Type: Inline - SEH at address 0x01FE93F6 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000093F8, Type: Inline - RelativeCall at address 0x01FE93F8 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000094D0, Type: Inline - PushRet at address 0x01FE94D0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000964C, Type: Inline - RelativeCall at address 0x01FE964C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009BF9, Type: Inline - RelativeCall at address 0x01FE9BF9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009C2B, Type: Inline - RelativeCall at address 0x01FE9C2B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009C3C, Type: Inline - RelativeCall at address 0x01FE9C3C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009D1C, Type: Inline - RelativeCall at address 0x01FE9D1C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009D5F, Type: Inline - RelativeCall at address 0x01FE9D5F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009E46, Type: Inline - RelativeJump at address 0x01FE9E46 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009E6D, Type: Inline - RelativeCall at address 0x01FE9E6D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009F47, Type: Inline - RelativeCall at address 0x01FE9F47 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009F97, Type: Inline - RelativeCall at address 0x01FE9F97 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00009FC4, Type: Inline - RelativeCall at address 0x01FE9FC4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000A024, Type: Inline - RelativeCall at address 0x01FEA024 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000A059, Type: Inline - RelativeCall at address 0x01FEA059 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000A3E3, Type: Inline - RelativeCall at address 0x01FEA3E3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000A985, Type: Inline - RelativeCall at address 0x01FEA985 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000A9EA, Type: Inline - RelativeCall at address 0x01FEA9EA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000ACBF, Type: Inline - RelativeCall at address 0x01FEACBF hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000ACCE, Type: Inline - PushRet at address 0x01FEACCE hook handler located in [NeroStartSmart.exe]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000AD76, Type: Inline - PushRet at address 0x01FEAD76 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000AEDB, Type: Inline - RelativeCall at address 0x01FEAEDB hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B148, Type: Inline - RelativeJump at address 0x01FEB148 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B184, Type: Inline - RelativeCall at address 0x01FEB184 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B21F, Type: Inline - RelativeCall at address 0x01FEB21F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B5D0, Type: Inline - SEH at address 0x01FEB5D0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B5D1, Type: Inline - RelativeCall at address 0x01FEB5D1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B616, Type: Inline - RelativeCall at address 0x01FEB616 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B781, Type: Inline - RelativeCall at address 0x01FEB781 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B786, Type: Inline - RelativeCall at address 0x01FEB786 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000B793, Type: Inline - DirectCall at address 0x01FEB793 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000BA5A, Type: Inline - DirectCall at address 0x01FEBA5A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000BABC, Type: Inline - RelativeCall at address 0x01FEBABC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000BB60, Type: Inline - RelativeCall at address 0x01FEBB60 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000BC28, Type: Inline - PushRet at address 0x01FEBC28 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C183, Type: Inline - RelativeCall at address 0x01FEC183 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C188, Type: Inline - RelativeCall at address 0x01FEC188 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C2B0, Type: Inline - RelativeCall at address 0x01FEC2B0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C381, Type: Inline - RelativeCall at address 0x01FEC381 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C3D9, Type: Inline - RelativeCall at address 0x01FEC3D9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C4FF, Type: Inline - PushRet at address 0x01FEC4FF hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C530, Type: Inline - DirectCall at address 0x01FEC530 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C726, Type: Inline - RelativeCall at address 0x01FEC726 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C7AA, Type: Inline - DirectCall at address 0x01FEC7AA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C7F9, Type: Inline - PushRet at address 0x01FEC7F9 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C863, Type: Inline - PushRet at address 0x01FEC863 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000C869, Type: Inline - PushRet at address 0x01FEC869 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000CF65, Type: Inline - DirectCall at address 0x01FECF65 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000CFA1, Type: Inline - RelativeCall at address 0x01FECFA1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D24F, Type: Inline - RelativeCall at address 0x01FED24F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D37D, Type: Inline - DirectCall at address 0x01FED37D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D47B, Type: Inline - RelativeCall at address 0x01FED47B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D486, Type: Inline - PushRet at address 0x01FED486 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D705, Type: Inline - RelativeCall at address 0x01FED705 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000D710, Type: Inline - PushRet at address 0x01FED710 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DB95, Type: Inline - PushRet at address 0x01FEDB95 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DC1B, Type: Inline - RelativeCall at address 0x01FEDC1B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DC98, Type: Inline - RelativeJump at address 0x01FEDC98 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DD50, Type: Inline - RelativeCall at address 0x01FEDD50 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DE46, Type: Inline - RelativeJump at address 0x01FEDE46 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000DFD4, Type: Inline - RelativeCall at address 0x01FEDFD4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000E052, Type: Inline - DirectCall at address 0x01FEE052 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000E292, Type: Inline - RelativeCall at address 0x01FEE292 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000E378, Type: Inline - RelativeCall at address 0x01FEE378 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000E596, Type: Inline - RelativeCall at address 0x01FEE596 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000E5AD, Type: Inline - RelativeCall at address 0x01FEE5AD hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000ED97, Type: Inline - RelativeJump at address 0x01FEED97 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000EF43, Type: Inline - RelativeCall at address 0x01FEEF43 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F0AA, Type: Inline - RelativeCall at address 0x01FEF0AA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F515, Type: Inline - SEH at address 0x01FEF515 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F516, Type: Inline - RelativeJump at address 0x01FEF516 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F52D, Type: Inline - RelativeCall at address 0x01FEF52D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F61D, Type: Inline - RelativeCall at address 0x01FEF61D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F713, Type: Inline - RelativeJump at address 0x01FEF713 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F7AA, Type: Inline - RelativeCall at address 0x01FEF7AA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F7B2, Type: Inline - PushRet at address 0x01FEF7B2 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F897, Type: Inline - PushRet at address 0x01FEF897 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F8A7, Type: Inline - RelativeCall at address 0x01FEF8A7 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000F940, Type: Inline - RelativeCall at address 0x01FEF940 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000FBA5, Type: Inline - RelativeCall at address 0x01FEFBA5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000FBBC, Type: Inline - RelativeCall at address 0x01FEFBBC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000FCAF, Type: Inline - PushRet at address 0x01FEFCAF hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000FDCD, Type: Inline - RelativeCall at address 0x01FEFDCD hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0000FFA1, Type: Inline - PushRet at address 0x01FEFFA1 hook handler located in [NeroStartSmart.exe]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001001B, Type: Inline - PushRet at address 0x01FF001B hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001042E, Type: Inline - RelativeCall at address 0x01FF042E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000105BE, Type: Inline - RelativeCall at address 0x01FF05BE hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000106C3, Type: Inline - RelativeJump at address 0x01FF06C3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000106C9, Type: Inline - RelativeJump at address 0x01FF06C9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010749, Type: Inline - RelativeJump at address 0x01FF0749 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010760, Type: Inline - DirectCall at address 0x01FF0760 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000107F4, Type: Inline - RelativeCall at address 0x01FF07F4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000107F9, Type: Inline - RelativeCall at address 0x01FF07F9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001086A, Type: Inline - RelativeCall at address 0x01FF086A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010879, Type: Inline - RelativeCall at address 0x01FF0879 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010926, Type: Inline - RelativeCall at address 0x01FF0926 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010A6D, Type: Inline - DirectJump at address 0x01FF0A6D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010C62, Type: Inline - RelativeJump at address 0x01FF0C62 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010E01, Type: Inline - RelativeCall at address 0x01FF0E01 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010EC1, Type: Inline - RelativeCall at address 0x01FF0EC1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010EC8, Type: Inline - RelativeCall at address 0x01FF0EC8 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00010ED1, Type: Inline - RelativeCall at address 0x01FF0ED1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000110BC, Type: Inline - PushRet at address 0x01FF10BC hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011136, Type: Inline - DirectJump at address 0x01FF1136 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001113C, Type: Inline - DirectJump at address 0x01FF113C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000111CF, Type: Inline - DirectJump at address 0x01FF11CF hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000111DA, Type: Inline - DirectJump at address 0x01FF11DA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011205, Type: Inline - DirectJump at address 0x01FF1205 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011210, Type: Inline - DirectJump at address 0x01FF1210 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011216, Type: Inline - DirectJump at address 0x01FF1216 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001121C, Type: Inline - DirectJump at address 0x01FF121C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011277, Type: Inline - DirectJump at address 0x01FF1277 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001160A, Type: Inline - RelativeCall at address 0x01FF160A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000116D4, Type: Inline - DirectJump at address 0x01FF16D4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000116DA, Type: Inline - DirectJump at address 0x01FF16DA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000116E0, Type: Inline - DirectJump at address 0x01FF16E0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000118A1, Type: Inline - DirectCall at address 0x01FF18A1 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000118A9, Type: Inline - RelativeJump at address 0x01FF18A9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011916, Type: Inline - DirectCall at address 0x01FF1916 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011959, Type: Inline - SEH at address 0x01FF1959 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000119F5, Type: Inline - DirectCall at address 0x01FF19F5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011ACC, Type: Inline - PushRet at address 0x01FF1ACC hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011AD4, Type: Inline - RelativeCall at address 0x01FF1AD4 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011ADA, Type: Inline - RelativeCall at address 0x01FF1ADA hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011AE5, Type: Inline - PushRet at address 0x01FF1AE5 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011AE6, Type: Inline - DirectJump at address 0x01FF1AE6 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011B7E, Type: Inline - RelativeJump at address 0x01FF1B7E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011BAF, Type: Inline - PushRet at address 0x01FF1BAF hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011BB5, Type: Inline - RelativeJump at address 0x01FF1BB5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011BC9, Type: Inline - RelativeJump at address 0x01FF1BC9 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011C94, Type: Inline - RelativeJump at address 0x01FF1C94 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011D28, Type: Inline - RelativeJump at address 0x01FF1D28 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011D43, Type: Inline - DirectJump at address 0x01FF1D43 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011D49, Type: Inline - PushRet at address 0x01FF1D49 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011D4A, Type: Inline - RelativeJump at address 0x01FF1D4A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011D54, Type: Inline - DirectJump at address 0x01FF1D54 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011DB0, Type: Inline - RelativeJump at address 0x01FF1DB0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011DB8, Type: Inline - RelativeJump at address 0x01FF1DB8 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011DC2, Type: Inline - RelativeJump at address 0x01FF1DC2 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011DCC, Type: Inline - RelativeJump at address 0x01FF1DCC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011DF3, Type: Inline - RelativeJump at address 0x01FF1DF3 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E3F, Type: Inline - RelativeJump at address 0x01FF1E3F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E49, Type: Inline - RelativeJump at address 0x01FF1E49 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E51, Type: Inline - DirectJump at address 0x01FF1E51 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E5A, Type: Inline - RelativeJump at address 0x01FF1E5A hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E64, Type: Inline - RelativeJump at address 0x01FF1E64 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011E6C, Type: Inline - RelativeJump at address 0x01FF1E6C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011EC0, Type: Inline - RelativeJump at address 0x01FF1EC0 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011EC5, Type: Inline - RelativeJump at address 0x01FF1EC5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011ECD, Type: Inline - RelativeJump at address 0x01FF1ECD hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011F43, Type: Inline - DirectJump at address 0x01FF1F43 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011F4C, Type: Inline - RelativeJump at address 0x01FF1F4C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011FEA, Type: Inline - PushRet at address 0x01FF1FEA hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011FEC, Type: Inline - RelativeCall at address 0x01FF1FEC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00011FF4, Type: Inline - PushRet at address 0x01FF1FF4 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012026, Type: Inline - RelativeJump at address 0x01FF2026 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012030, Type: Inline - RelativeJump at address 0x01FF2030 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001215E, Type: Inline - RelativeJump at address 0x01FF215E hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001222A, Type: Inline - PushRet at address 0x01FF222A hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001222C, Type: Inline - RelativeJump at address 0x01FF222C hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012234, Type: Inline - RelativeJump at address 0x01FF2234 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001233D, Type: Inline - RelativeJump at address 0x01FF233D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000123DC, Type: Inline - RelativeCall at address 0x01FF23DC hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000123E7, Type: Inline - PushRet at address 0x01FF23E7 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000123F4, Type: Inline - DirectJump at address 0x01FF23F4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012407, Type: Inline - RelativeJump at address 0x01FF2407 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012412, Type: Inline - RelativeJump at address 0x01FF2412 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012452, Type: Inline - RelativeJump at address 0x01FF2452 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012481, Type: Inline - RelativeJump at address 0x01FF2481 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012486, Type: Inline - RelativeJump at address 0x01FF2486 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000124F0, Type: Inline - RelativeCall at address 0x01FF24F0 hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000124F5, Type: Inline - RelativeJump at address 0x01FF24F5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012501, Type: Inline - RelativeJump at address 0x01FF2501 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001250B, Type: Inline - RelativeJump at address 0x01FF250B hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012516, Type: Inline - RelativeJump at address 0x01FF2516 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x000125F1, Type: Inline - RelativeJump at address 0x01FF25F1 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012602, Type: Inline - RelativeJump at address 0x01FF2602 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012607, Type: Inline - RelativeJump at address 0x01FF2607 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x00012618, Type: Inline - RelativeJump at address 0x01FF2618 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll+0x0001261D, Type: Inline - RelativeJump at address 0x01FF261D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->gethostbyaddr, Type: Inline - RelativeCall at address 0x01FEE4A2 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->GetNameInfoW, Type: Inline - RelativeCall at address 0x01FEC505 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->getprotobyname, Type: Inline - RelativeCall at address 0x01FEE199 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->getservbyport, Type: Inline - RelativeCall at address 0x01FEE5C5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->getservbyport, Type: Inline - RelativeCall at address 0x01FEE5D4 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->sendto, Type: Inline - PushRet at address 0x01FE2F5D hook handler located in [unknown_code_page]
[3884]NeroStartSmart.exe-->ws2_32.dll-->sendto, Type: Inline - RelativeCall at address 0x01FE2F5F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSACancelAsyncRequest, Type: Inline - RelativeCall at address 0x01FEE35F hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAEnumNetworkEvents, Type: Inline - RelativeCall at address 0x01FE6597 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAGetOverlappedResult, Type: Inline - RelativeJump at address 0x01FF0D22 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAGetOverlappedResult, Type: Inline - RelativeJump at address 0x01FF0D2D hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAGetServiceClassNameByClassIdW, Type: Inline - RelativeCall at address 0x01FEFF98 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAHtonl, Type: Inline - RelativeCall at address 0x01FEBCF2 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSAHtons, Type: Inline - RelativeCall at address 0x01FEBDD5 hook handler located in [CDCopy.dll]
[3884]NeroStartSmart.exe-->ws2_32.dll-->WSALookupServiceNextW, Type: Inline - PushRet at address 0x01FE3182 hook handler located in [unknown_code_page]
[792]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification at address 0x01001268 hook handler located in [shimeng.dll]
!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

bei Antwort benachrichtigen
Und mit welchem Tool hast Du dies festgestellt ? Mit Antivir ? Wenn ja war ... Conqueror
Das Programm das dieses Log erstellt hat war RK Unhooker. Antivir uns Spybot ... tocksick
Lade bitte ... Conqueror
Sophos Anti-Rootkit Version 1.5.0 c 2009 Sophos Plc Started logging on ... tocksick
Um ganz sicher zu gehen, gehe auf diese Seite und poste das Logfile: ... Conqueror
tocksick Nachtrag zu: „Computer mit Rootkit infiziert??“
Optionen

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 15:53:57, on 31.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Creative\Shared Files\CTAudSvc.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\FRITZ!Fernzugang\certsrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Programme\FRITZ!Fernzugang\nwtsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe
C:\Programme\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Schmads Inc\G15_TeamSpeak\G15_TeamSpeak.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Windows Live\Contacts\wlcomm.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programme\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.de/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.de/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.de/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:4001
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 95.43.131.253 testauthd.lineage2.com
O1 - Hosts: 94.127.17.101 l2testauthd.lineage2.com
O1 - Hosts: 94.127.17.101 l2authd.lineage2.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre1.6.0_13\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre1.6.0_13\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Programme\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Programme\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Programme\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Programme\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe /autostart
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD1C28F-9B65-4FA3-898F-90687F8AD5A3}: NameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{130FF01E-CEE2-44A4-9FF1-71DF5A5F1CF4}: NameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D2839C1-0687-43E6-9F45-81CA0BD13D31}: NameServer = 192.168.123.254
O18 - Protocol: haufereader - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVM FRITZ!Fernzugang IKE Service (avmike) - AVM Berlin - C:\Programme\FRITZ!Fernzugang\avmike.exe
O23 - Service: AVM FRITZ!Fernzugang Cert Service (certsrv) - AVM Berlin - C:\Programme\FRITZ!Fernzugang\certsrv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Programme\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: AVM FRITZ!Fernzugang Client (nwtsrv) - AVM Berlin - C:\Programme\FRITZ!Fernzugang\nwtsrv.exe
O23 - Service: NZ - Unknown owner - C:\DOKUME~1\Dominic\LOKALE~1\Temp\NZ.exe (file missing)
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 11412 bytes

bei Antwort benachrichtigen
Bin mir nicht ganz sicher Gehe mal auf diese Seite ... Conqueror
BTW: HZappyyyy New Yearrr : Analyzing your system ... Processes with ... tocksick
hier noch ein Scan von OTL http://pastebin.com/m31cc7878 tocksick
Ich kann Dir nur raten die neue C T zu erwerben, dort ist eine DVD drin mit ... Conqueror
Naja ich sag mal so, für mich war nur die Frage wichtig ob eines drauf sein ... tocksick