TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden

Lord-x1 · 29.03.2010, 12:15

So ich habe mir das Ding auch eingefangen. Habe aber von der Materie so gut wie keine Ahnung. Wer kann mir dabei helfen. Anti vir hat ihn zwar erkannt, und verschiebt in auch in Quarantäne, aber zieht sich übers Internet immer wieder neu runter.

cosinus · 29.03.2010, 13:44

Hallo und

Bitte diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! )

Falls Du Probleme mit Malwarebytes hast (startet nicht, Updates laden nicht etc.), das hier beachten > http://www.trojaner-board.de/82699-m...tet-nicht.html

Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen!

Falls RSIT nicht startet: im Kompatibilitätsmodus ausführen (Rechtsklick auf RSIT.exe, Reiter Kompatibilität) => Windows XP einstellen und ausführen

Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.

Lord-x1 · 29.03.2010, 14:39

So cc ist durchgelaufen

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3926
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29.03.2010 15:37:19
mbam-log-2010-03-29 (15-37-19).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 116441
Laufzeit: 31 minute(s), 22 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus · 29.03.2010, 14:41

Mal eine Frage: Hast Du zufällig die Daemon-Tools für virtuelle DVD-Laufwerke installiert?
Mach bitte zusätzlich auch Logfiles mit GMER und OSAM und poste sie.

Lord-x1 · 29.03.2010, 14:45

Logfile of random's system information tool 1.06 (written by random/random)
Run by LordX at 2010-03-29 15:40:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 136 GB (91%) free of 150 GB
Total RAM: 1022 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:41:34, on 29.03.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Carambis\Driver Updater\dupdater.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\OpenOffice.org 3\program\soffice.exe
C:\Programme\OpenOffice.org 3\program\soffice.bin
C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programme\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\Dokumente und Einstellungen\LordX\Desktop\RSIT.exe
C:\Programme\trend micro\LordX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Driver Updater] C:\Programme\Carambis\Driver Updater\dupdater.exe /minimized
O4 - HKCU\..\Run: [ISUSPM] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 8828 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-11-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"BlackBerryAutoUpdate"=C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-08-31 623960]
""= []
"RoxWatchTray"=C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-11-21 149280]
"HP Software Update"=C:\Programme\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"LogitechQuickCamRibbon"=C:\Programme\Logitech\Logitech WebCam Software\LWS.exe [2009-09-15 2788624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Driver Updater"=C:\Programme\Carambis\Driver Updater\dupdater.exe [2009-10-01 4805632]
"ISUSPM"=C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]
"Skype"=C:\Programme\Skype\\Phone\Skype.exe [2010-03-09 26100520]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe

C:\Dokumente und Einstellungen\LordX\Startmenü\Programme\Autostart
OpenOffice.org 3.1.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programme\HP\Digital Imaging\bin\Lager\hpiscnapp.exe"="C:\Programme\HP\Digital Imaging\bin\Lager\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Programme\HP\Digital Imaging\bin\Lager\hpqkygrp.exe"="C:\Programme\HP\Digital Imaging\bin\Lager\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Opera\opera.exe"="C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-29 15:14:52 ----D---- C:\Programme\trend micro
2010-03-29 15:14:45 ----D---- C:\rsit
2010-03-29 15:02:28 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\Malwarebytes
2010-03-29 15:02:02 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-03-29 15:02:01 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-03-29 14:31:34 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\WinRAR
2010-03-29 14:31:05 ----D---- C:\Programme\WinRAR
2010-03-28 13:03:11 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\QuickScan
2010-03-27 09:44:47 ----D---- C:\Programme\Gemeinsame Dateien\Skype
2010-03-20 20:22:01 ----D---- C:\Programme\Sony Online Entertainment
2010-03-17 19:53:38 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\Sony Online Entertainment
2010-03-17 11:57:07 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\Roxio
2010-03-17 11:50:23 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\MAGIX
2010-03-17 11:50:18 ----A---- C:\WINDOWS\system32\mgxoschk.dll
2010-03-17 11:50:04 ----D---- C:\Programme\ALDI Süd Foto Service
2010-03-17 11:50:02 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Aldi Sued Fotoservice
2010-03-17 11:49:42 ----D---- C:\Programme\Aldi Sued Fotoservice
2010-03-17 11:49:27 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-03-17 11:49:27 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-03-17 11:48:37 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
2010-03-17 11:48:34 ----A---- C:\WINDOWS\system32\TTIC32.dll
2010-03-17 11:48:34 ----A---- C:\WINDOWS\system32\TTI32.dll
2010-03-17 11:48:34 ----A---- C:\WINDOWS\system32\STRING32.dll
2010-03-17 11:48:34 ----A---- C:\WINDOWS\system32\MXRestore.exe
2010-03-17 11:48:34 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLIX.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2010-03-17 11:48:33 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2010-03-17 11:48:01 ----A---- C:\WINDOWS\system32\msxml4a.dll
2010-03-17 11:47:51 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ALDI Sued Foto Service
2010-03-17 11:47:50 ----D---- C:\Programme\ALDI Sued Foto Service
2010-03-17 11:47:50 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2010-03-17 11:47:20 ----D---- C:\Programme\Gemeinsame Dateien\MAGIX Services
2010-03-12 20:56:46 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-12 20:55:34 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
2010-03-12 19:28:33 ----D---- C:\Programme\PartyGaming
2010-03-12 01:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

======List of files/folders modified in the last 1 months======

2010-03-29 15:41:03 ----D---- C:\WINDOWS\Prefetch
2010-03-29 15:26:08 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\Skype
2010-03-29 15:14:52 ----RD---- C:\Programme
2010-03-29 15:02:10 ----D---- C:\WINDOWS\system32\drivers
2010-03-29 14:57:32 ----D---- C:\Programme\Mozilla Firefox
2010-03-29 14:54:36 ----D---- C:\WINDOWS\Debug
2010-03-29 14:54:36 ----D---- C:\WINDOWS
2010-03-29 14:54:30 ----D---- C:\WINDOWS\Temp
2010-03-29 12:55:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-29 12:53:29 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\skypePM
2010-03-29 12:52:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-29 08:32:03 ----D---- C:\WINDOWS\system32
2010-03-27 09:44:50 ----SHD---- C:\WINDOWS\Installer
2010-03-27 09:44:50 ----HD---- C:\Config.Msi
2010-03-27 09:44:47 ----D---- C:\Programme\Gemeinsame Dateien
2010-03-24 15:25:54 ----D---- C:\Programme\Opera
2010-03-18 22:52:38 ----D---- C:\Dokumente und Einstellungen
2010-03-18 22:33:50 ----D---- C:\NVIDIA
2010-03-18 22:33:39 ----D---- C:\1a4e34b1eb80fea6a41cbc
2010-03-18 07:58:29 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-17 22:50:28 ----D---- C:\WINDOWS\security
2010-03-17 12:38:02 ----SHD---- C:\RECYCLER
2010-03-17 11:58:41 ----D---- C:\Dokumente und Einstellungen\LordX\Anwendungsdaten\Research In Motion
2010-03-17 11:53:08 ----HD---- C:\WINDOWS\inf
2010-03-12 20:57:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-12 20:57:13 ----D---- C:\Programme\Internet Explorer
2010-03-12 20:57:12 ----D---- C:\WINDOWS\ie8updates
2010-03-12 20:56:53 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-12 20:53:56 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-12 01:32:10 ----D---- C:\Programme\Movie Maker
2010-03-09 15:01:45 ----D---- C:\Programme\Gemeinsame Dateien\InstallShield
2010-03-09 15:01:14 ----HD---- C:\Programme\InstallShield Installation Information
2010-03-09 15:00:52 ----RSD---- C:\WINDOWS\Fonts
2010-03-02 07:30:12 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-07-24 42496]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-09-15 25752]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 ntnox;ntnox; \??\C:\WINDOWS\system32\drivers\ntnox.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2009-07-16 23832]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-07-16 265624]
S3 LVUVC;Logitech QuickCam Pro 9000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2009-07-16 6756632]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RimUsb;BlackBerry-Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-06 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-06 11392]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-11-21 153376]
R2 LVPrcSrv;Process Monitor; C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-09-15 154136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-07 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-07 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Lord-x1 · 29.03.2010, 14:50

info.txt logfile of random's system information tool 1.06 2010-03-29 15:48:59

======Uninstall list======

-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A92000000001}
ALDI Süd Foto Manager Free-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Manager_Free\unwise.exe
ALDI Süd Foto Service-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\unwise.exe
Aldi Süd Fotoservice-->"C:\Programme\Aldi Sued Fotoservice\unins000.exe"
ALDI Süd Online Druck Service 4.6-->C:\Programme\ALDI Süd Foto Service\ALDI_ODS\Deinstallieren.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /I{13333239-0A15-4855-BEEB-0232DAA5B7EA}
BlackBerry Desktop Software 5.0.1-->MsiExec.exe /i{13333239-0A15-4855-BEEB-0232DAA5B7EA}
BlackBerry Device Software v5.0.0 für das BlackBerry 9500-Smartphone-->MsiExec.exe /X{DCE6C238-62C4-4FA0-99BC-7BBC458C927D}
BlackBerry® Media Sync-->MsiExec.exe /X{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
C-Media Audio-->C:\WINDOWS\IsUninst.exe -f"C:\Programme\C-Media Audio\Uninst.isu" -c"C:\Programme\C-Media Audio\CMIUnInstall.DLL"
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Der Stein der Weisen-->C:\PROGRA~1\PURPLE~1\DERSTE~1\UNWISE.EXE C:\PROGRA~1\PURPLE~1\DERSTE~1\INSTALL.LOG
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Updater-->"C:\Programme\InstallShield Installation Information\{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}\setup.exe" -runfromtemp -l0x0007 -removeonly
Firebird SQL Server - MAGIX Edition-->MsiExec.exe /X{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}
Free Audio CD Burner version 1.2-->"C:\Programme\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free YouTube to MP3 Converter version 3.2-->"C:\Programme\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->C:\Programme\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3-->C:\Programme\HP\Digital Imaging\{D77D43B5-ED55-426b-B67B-E21F804F6102}\setup\hpzscr01.exe -datfile hposcr27.dat -onestop
HP Imaging Device Functions 10.0-->C:\Programme\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.5-->C:\Programme\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Programme\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Programme\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Logitech for Business Webcam Software-->MsiExec.exe /I{97B56D25-365E-4BD6-BD70-2C3FAE3B279D}
Logitech for Business Webcam Software-Treiberpaket-->"C:\Programme\Gemeinsame Dateien\LogiShrd\LogiDriverStore\lvdrivers\12.10.1044\LgDrvInst.exe" -remove -instdir"C:\Programme\Gemeinsame Dateien\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_12.10" /clone_wait /hide_progress
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.5.8)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
NVIDIA Drivers-->C:\Programme\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{D765F1CE-5AE5-4C47-B134-AE58AC474740}
Opera 10.51-->MsiExec.exe /X{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}
PartyPoker-->"C:\Programme\PartyGaming\PartyPoker\Uninstall.exe" "C:\Programme\PartyGaming\PartyPoker\install.log"
Rocks'n'Diamonds 3.2.4-->"C:\Programme\Rocks'n'Diamonds\unins000.exe"
Roxio Media Manager-->MsiExec.exe /X{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}
Shop for HP Supplies-->C:\Programme\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update für Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VIA Rhine Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex Rhine
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Programme\WinRAR\uninstall.exe

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: PRIVAT-0F9168C6
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "NLA (Network Location Awareness)" gesendet.

Record Number: 4671
Source Name: Service Control Manager
Time Written: 20100210064321.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: PRIVAT-0F9168C6
Event Code: 7036
Message: Dienst "NLA (Network Location Awareness)" befindet sich jetzt im Status "Ausgeführt".

Record Number: 4670
Source Name: Service Control Manager
Time Written: 20100210064321.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 7036
Message: Dienst "WMI-Leistungsadapter" befindet sich jetzt im Status "Ausgeführt".

Record Number: 4669
Source Name: Service Control Manager
Time Written: 20100210064321.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "WMI-Leistungsadapter" gesendet.

Record Number: 4668
Source Name: Service Control Manager
Time Written: 20100210064321.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: PRIVAT-0F9168C6
Event Code: 7036
Message: Dienst "LiveShare P2P Server 9" befindet sich jetzt im Status "Beendet".

Record Number: 4667
Source Name: Service Control Manager
Time Written: 20100210064319.000000+060
Event Type: Informationen
User:

=====Application event log=====

Computer Name: PRIVAT-0F9168C6
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst ContentIndex (ContentIndex) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 5
Source Name: LoadPerf
Time Written: 20091118153928.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst TermService (Terminaldienste) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 4
Source Name: LoadPerf
Time Written: 20091118153926.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst RemoteAccess (Routing und RAS) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 3
Source Name: LoadPerf
Time Written: 20091118153759.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst PSched (PSched) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 2
Source Name: LoadPerf
Time Written: 20091118153736.000000+060
Event Type: Informationen
User:

Computer Name: PRIVAT-0F9168C6
Event Code: 1000
Message: Die Leistungsindikatoren für den Dienst RSVP (QoS-RSVP) wurden geladen.
Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte.

Record Number: 1
Source Name: LoadPerf
Time Written: 20091118153735.000000+060
Event Type: Informationen
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\DivX Shared\;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\;C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\;C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\DLLShared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 15 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0f00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

cosinus · 29.03.2010, 15:44

machst Du das auch noch?

Zitat:

Zitat von cosinus

Mal eine Frage: Hast Du zufällig die Daemon-Tools für virtuelle DVD-Laufwerke installiert?
Mach bitte zusätzlich auch Logfiles mit GMER und OSAM und poste sie.

Lord-x1 · 29.03.2010, 15:54

GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-03-29 16:50:37
Windows 5.1.2600 Service Pack 3
Running: ieh56q7x.exe; Driver: C:\DOKUME~1\LordX\LOKALE~1\Temp\uwpiqkoc.sys

---- System - GMER 1.0.15 ----

SSDT F7D16CF6 ZwCreateKey
SSDT F7D16CEC ZwCreateThread
SSDT F7D16CFB ZwDeleteKey
SSDT F7D16D05 ZwDeleteValueKey
SSDT F7D16D0A ZwLoadKey
SSDT F7D16CD8 ZwOpenProcess
SSDT F7D16CDD ZwOpenThread
SSDT F7D16D14 ZwReplaceKey
SSDT F7D16D0F ZwRestoreKey
SSDT F7D16D00 ZwSetValueKey
SSDT F7D16CE7 ZwTerminateProcess

Code \??\C:\WINDOWS\system32\drivers\ntnox.sys (Windows interface driver/Microsoft Corporation) ZwResumeThread [0xF4610590]

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwResumeThread 805CACB0 7 Bytes JMP F4610594 \??\C:\WINDOWS\system32\drivers\ntnox.sys (Windows interface driver/Microsoft Corporation)
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF6BE5360, 0x3E57A5, 0xE8000020]
.text ntnox.sys F460E486 10 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text ntnox.sys F460E492 3 Bytes [00, 00, 00]
.text ntnox.sys F460E496 55 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ntnox.sys F460E4CF 2 Bytes [00, 00] {ADD [EAX], AL}
.text ntnox.sys F460E4D2 51 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \??\C:\WINDOWS\system32\drivers\ntnox.sys[HAL.dll!KfRaiseIrql] 8B3372EB
IAT \??\C:\WINDOWS\system32\drivers\ntnox.sys[HAL.dll!KfLowerIrql] 6CB9FDC5
IAT \??\C:\WINDOWS\system32\drivers\ntnox.sys[HAL.dll!KeGetCurrentIrql] A784473C

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Programme\Logitech\Logitech WebCam Software\LWS.exe[108] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01042F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\Logitech WebCam Software\LWS.exe[108] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01042C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\Logitech WebCam Software\LWS.exe[108] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01042CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\Logitech WebCam Software\LWS.exe[108] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01042CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [0059696C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [00596C62] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [00597AB6] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetFileType] [00597800] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetFileInformationByHandle] [00596432] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [00597BEA] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FindFirstFileExW] [00596BFF] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleExW] [00595567] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileA] [00597BEA] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetFileSizeEx] [00598088] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetFileAttributesExW] [0059792B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileMappingA] [0059831E] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!MapViewOfFileEx] [00598539] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetFileSizeEx] [00598088] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [00597BEA] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [00597AB6] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [00596C62] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [0059696C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0059D8B7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CopyFileA] [0059810B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileInformationByHandle] [00596432] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesExW] [0059792B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileMappingA] [0059831E] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindFirstFileA] [0059696C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindNextFileA] [00596C62] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileInformationByHandle] [00596432] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindFirstFileExW] [00596BFF] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileAttributesA] [00597AB6] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileAttributesExW] [0059792B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CopyFileExW] [0059824A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExA] [0059D8B7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleExW] [00595567] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!MapViewOfFileEx] [00598539] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!OpenFileMappingW] [00598496] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0059D8B7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileType] [00597800] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileInformationByHandle] [00596432] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateFileMappingA] [0059831E] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [0059792B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!OpenFileMappingA] [00598441] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateFileMappingA] [0059831E] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!MapViewOfFileEx] [00598539] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!UnmapViewOfFile] [00598651] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FindFirstFileA] [0059696C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FindNextFileA] [00596C62] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CopyFileA] [0059810B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileAttributesA] [00597AB6] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileAttributesExA] [0059786D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileSizeEx] [00598088] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetFilePointerEx] [00597F7C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleExA] [005954E5] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] [005953BB] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] [0059548C] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateFileA] [00597BEA] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [0059D903] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!MapViewOfFile] [005985F2] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateFileMappingW] [005983E4] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!DuplicateHandle] [005976D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0059D882] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetFilePointer] [00597E71] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateFileW] [00597C8A] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0059D8B7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetFileAttributesW] [00597B26] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetFileTime] [00597769] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetFileSize] [00598002] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetModuleFileNameW] [00595311] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CopyFileW] [00598170] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FindClose] [0059765B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FindNextFileW] [005975D7] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FindFirstFileW] [00596A16] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetFileAttributesExW] [0059792B] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!ReadFile] [00597D80] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [0059D94F] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetModuleFileNameA] [00595243] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [0059D84D] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!FreeLibrary] [005950FC] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Carambis\Driver Updater\dupdater.exe[1052] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!CloseHandle] [00596637] C:\Programme\Carambis\Driver Updater\dupdater.exe (Carambis Driver Updater/Media Fog Ltd.)
IAT C:\Programme\Skype\Phone\Skype.exe[1200] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [02D22F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Skype\Phone\Skype.exe[1200] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [02D22C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Skype\Phone\Skype.exe[1200] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [02D22CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Skype\Phone\Skype.exe[1200] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [02D22CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\explorer.exe[10708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C42F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\explorer.exe[10708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C42C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\explorer.exe[10708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C42CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\explorer.exe[10708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C42CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)

---- EOF - GMER 1.0.15 ----

Lord-x1 · 29.03.2010, 16:18

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"ntnox" (ntnox) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnox.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"uwpiqkoc" (uwpiqkoc) - ? - C:\DOKUME~1\LordX\LOKALE~1\Temp\uwpiqkoc.sys (Hidden registry entry, rootkit activity | File not found)
"VIA USB Host Controller Lower Filter" (vulfnths) - "VIA Technologies, Inc." - C:\WINDOWS\System32\Drivers\vulfnth.sys
"VIA USB Roothub Lower Filter" (vulfntrs) - "VIA Technologies, Inc." - C:\WINDOWS\System32\Drivers\vulfntr.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - ? - (File not found | COM-object registry key not found)
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - ? - (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - ? - (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"PartyPoker.com" - ? - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\LordX\Startmenü\Programme\Autostart\desktop.ini
"OpenOffice.org 3.1.lnk" - ? - C:\Programme\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Driver Updater" - "Media Fog Ltd." - C:\Programme\Carambis\Driver Updater\dupdater.exe /minimized
"ISUSPM" - "Macrovision Corporation" - "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"BlackBerryAutoUpdate" - "Research In Motion Limited" - C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
"HP Software Update" - "Hewlett-Packard" - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon" - "Hewlett-Packard" - C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
"LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"RoxWatchTray" - "Sonic Solutions" - "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce )-----
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LiveShare P2P Server 9" (RoxLiveShare9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZinw12.dll
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZipm12.dll
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"Roxio Hard Drive Watcher 9" (RoxWatch9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
"Roxio UPnP Renderer 9" (Roxio UPnP Renderer 9) - "Sonic Solutions" - C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
"Roxio Upnp Server 9" (Roxio Upnp Server 9) - "Sonic Solutions" - C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe
"RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Lord-x1 · 29.03.2010, 16:18

Osam mußte es trennen da es zu lang war hoffe das geht in ordnung.

Lord-x1 · 29.03.2010, 16:28

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:12:04 on 29.03.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Opera Software Opera Internet Browser 10.51

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"Scheduled Update for Ask Toolbar.job" - ? - C:\Programme\Ask.com\UpdateTask.exe (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"ISUSPM.cpl" - "Macrovision Corporation" - C:\WINDOWS\system32\ISUSPM.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"ntnox" (ntnox) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnox.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"uwpiqkoc" (uwpiqkoc) - ? - C:\DOKUME~1\LordX\LOKALE~1\Temp\uwpiqkoc.sys (Hidden registry entry, rootkit activity | File not found)
"VIA USB Host Controller Lower Filter" (vulfnths) - "VIA Technologies, Inc." - C:\WINDOWS\System32\Drivers\vulfnth.sys
"VIA USB Roothub Lower Filter" (vulfntrs) - "VIA Technologies, Inc." - C:\WINDOWS\System32\Drivers\vulfntr.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - ? - (File not found | COM-object registry key not found)
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - ? - (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - ? - (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_17" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_17.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
{1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"PartyPoker.com" - ? - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Ask Toolbar" - "Ask.com" - C:\Programme\Ask.com\GenericAskToolbar.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\LordX\Startmenü\Programme\Autostart\desktop.ini
"OpenOffice.org 3.1.lnk" - ? - C:\Programme\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Driver Updater" - "Media Fog Ltd." - C:\Programme\Carambis\Driver Updater\dupdater.exe /minimized
"ISUSPM" - "Macrovision Corporation" - "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"BlackBerryAutoUpdate" - "Research In Motion Limited" - C:\Programme\Gemeinsame Dateien\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
"HP Software Update" - "Hewlett-Packard" - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon" - "Hewlett-Packard" - C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
"LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"RoxWatchTray" - "Sonic Solutions" - "C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce )-----
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LiveShare P2P Server 9" (RoxLiveShare9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZinw12.dll
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\WINDOWS\system32\HPZipm12.dll
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"Roxio Hard Drive Watcher 9" (RoxWatch9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
"Roxio UPnP Renderer 9" (Roxio UPnP Renderer 9) - "Sonic Solutions" - C:\Programme\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
"Roxio Upnp Server 9" (Roxio Upnp Server 9) - "Sonic Solutions" - C:\Programme\Roxio\Digital Home 9\RoxioUpnpService9.exe
"RoxMediaDB9" (RoxMediaDB9) - "Sonic Solutions" - C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus · 29.03.2010, 18:14

Code:

ATTFilter

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ntnox" (ntnox) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnox.sys
"uwpiqkoc" (uwpiqkoc) - ? - C:\DOKUME~1\LordX\LOKALE~1\Temp\uwpiqkoc.sys (Hidden registry entry, rootkit activity | File not found)
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)

Bitte mit OSAM deaktivieren (siehe Anleitung zu OSAM). Poste danach ein neues Log von OSAM und lass die Dateien

C:\WINDOWS\system32\drivers\ntnox.sys
C:\DOKUMENTE UND EINSTELLUNGEN\LordX\LOKALE EINSTELLUNGEN\Temp\uwpiqkoc.sys
C:\WINDOWS\system32\drivers\WDICA.sys

bei Virustotal auswerten. Bitte dann die Ergebnislinks posten.

Lord-x1 · 29.03.2010, 18:32

C:\WINDOWS\system32\drivers\ntnox.sys erledigt
C:\DOKUMENTE UND EINSTELLUNGEN\LordX\LOKALE EINSTELLUNGEN\Temp\uwpiqkoc.sys wo finde ich die datei bei Osam
C:\WINDOWS\system32\drivers\WDICA.sys erledigt

Virustotal auswerten lassen ?

Was meinst du damit? Sorry habe es nicht Kapiert.

cosinus · 29.03.2010, 18:56

Du gehst auf https://www.virustotal.com und lädst dort die Dateien hoch. Alle nacheinander.

Lord-x1 · 29.03.2010, 19:01

C:\DOKUMENTE UND EINSTELLUNGEN\LordX\LOKALE EINSTELLUNGEN\Temp\uwpiqkoc.sys

wo finde ich die datei bei Osam

29.03.2010, 14:41	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	$TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden - Standard$ TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden Mal eine Frage: Hast Du zufällig die Daemon-Tools für virtuelle DVD-Laufwerke installiert? Mach bitte zusätzlich auch Logfiles mit GMER und OSAM und poste sie. __________________ Logfiles bitte immer in CODE-Tags posten

29.03.2010, 18:56	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	$TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden - Standard$ TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden Du gehst auf https://www.virustotal.com und lädst dort die Dateien hoch. Alle nacheinander. __________________ Logfiles bitte immer in CODE-Tags posten

TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden

Plagegeister aller Art und deren Bekämpfung: TR/Agent.ruo' [trojan] in C:\WINDOWS\system32\sysayg.dll gefunden