GMER 2.1.19163 - http://www.gmer.net Rootkit scan 2013-10-06 13:30:09 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 SAMSUNG_HD103SJ rev.1AJ100E5 931,51GB Running: llxtehlw.exe; Driver: C:\Users\Tommy\AppData\Local\Temp\kwlyipog.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544 fffff80002fa7000 45 bytes [50, 66, 54, 74, 01, 00, 00, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 591 fffff80002fa702f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Windows\SysWOW64\svchost.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Windows\SysWOW64\svchost.exe[1800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[980] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe[980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[1340] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[1340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[1340] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[2264] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[2264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[2264] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2284] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 00000000777ff8ea 1 byte [C3] .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2284] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[2284] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll!getJit + 32 0000000067239380 4 bytes [C8, 10, 01, 10] .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2296] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2612] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Users\Tommy\AppData\Local\Akamai\netsession_win.exe[2612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe[2840] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe[2840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe[2840] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2856] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe[2892] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe[2892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe[2892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe[2920] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe[2920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe[2920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Program Files (x86)\WebConnect\bin\utilWebConnect.exe[2388] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe[4716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe[4716] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 .text C:\Users\Tommy\Desktop\llxtehlw.exe[620] C:\Windows\syswow64\USER32.dll!DialogBoxParamW 000000007720cfca 5 bytes JMP 0000000172b046b0 .text C:\Users\Tommy\Desktop\llxtehlw.exe[620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076931465 2 bytes [93, 76] .text C:\Users\Tommy\Desktop\llxtehlw.exe[620] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000769314bb 2 bytes [93, 76] .text ... * 2 ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\kernel32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!StartDocA] [7fef5c86474] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!CreateDCA] [7fef5c874e0] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!StartPage] [7fef5c86f94] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!EndPage] [7fef5c87aac] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MFC42.dll[GDI32.dll!EndDoc] [7fef5c871ac] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\SETUPAPI.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\CRYPT32.dll[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files\kX Audio Driver\3550\kxmixer.exe[2252] @ C:\Windows\system32\MMDevAPI.DLL[KERNEL32.dll!GetProcAddress] [3450000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\kernel32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\VERSION.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\DSOUND.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\ole32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\ole32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\SETUPAPI.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\SETUPAPI.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\CFGMGR32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\COMCTL32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\COMCTL32.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\COMCTL32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\uxtheme.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\dwmapi.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\dwmapi.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\WINTRUST.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\CRYPT32.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\CLBCatQ.DLL[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\System32\MMDevApi.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe[2592] @ C:\Windows\system32\AUDIOSES.DLL[KERNEL32.dll!GetProcAddress] [1ce0000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\SYSTEM32\MSCOREE.DLL[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\KERNEL32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\MSVCR80.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\ole32.dll[GDI32.dll!Escape] [7fef5c87928] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\ole32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[2740] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!GetProcAddress] [2200000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\kernel32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [430000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [430000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!GetProcAddress] [430000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [430000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [430000] IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe[3032] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\SYSTEM32\MSCOREE.DLL[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\KERNEL32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\MSVCR80.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\ole32.dll[GDI32.dll!Escape] [7fef5c87928] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\ole32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\system32\rsaenh.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[3860] @ C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll[KERNEL32.dll!GetProcAddress] [2250000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\kernel32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\KERNELBASE.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\USER32.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\USER32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\USER32.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\GDI32.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\ADVAPI32.dll[ntdll.dll!LdrLoadDll] [7fef5c82484] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\ADVAPI32.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\ole32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\ole32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\MSVCR80.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\IMM32.DLL[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\IMM32.DLL[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\MSCTF.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\MSCTF.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\uxtheme.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\ntmarta.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\WLDAP32.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\WINSPOOL.DRV[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\WINSPOOL.DRV[GDI32.dll!CreateDCW] [7fef5c87358] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\WINSPOOL.DRV[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\OLEAUT32.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!Escape] [7fef5c87928] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\OLEAUT32.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!GetProcAddress] [310000] IAT C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe[4936] @ C:\Windows\system32\SHLWAPI.dll[GDI32.dll!DeleteDC] [7fef5c8727c] C:\Program Files (x86)\InkSaver\ISApExt64.dll ---- Threads - GMER 2.1 ---- Thread [1824:1840] 0000000075947587 Thread [1824:1844] 0000000073c9c59c Thread [1824:1848] 0000000073c9c59c Thread [1824:1852] 0000000072928a80 Thread [1824:1856] 00000000777b2e65 Thread [1824:4044] 00000000777b3e85 Thread [1824:4052] 0000000073c9c59c Thread [1824:3876] 0000000073c9c41c Thread [1824:2708] 0000000073c9c41c Thread [1824:2504] 0000000073c9c41c Thread [1824:3048] 0000000073c9c41c Thread [1824:2524] 0000000073c9c41c Thread [1824:2780] 0000000073c9c41c Thread [1824:164] 0000000073c9c41c Thread [1824:3796] 0000000073c9c41c Thread [1824:2872] 0000000073c9c41c Thread [1824:3848] 0000000073c9c41c Thread [1824:4076] 0000000073c9c41c Thread [1824:2128] 0000000073c9c41c Thread [1824:3904] 0000000073c9c41c Thread [1824:2928] 0000000073c9c41c Thread [1824:3232] 0000000073c9c41c Thread [1824:3196] 0000000073c9c41c Thread [1824:984] 0000000073c9c41c Thread [1824:1264] 0000000073c9c41c Thread [1824:1608] 0000000073c9c59c Thread [1824:1452] 000000005fe88bf0 Thread [1824:1472] 000000005fe88bf0 Thread [1824:1468] 000000005fe88bf0 Thread [1824:3276] 000000005fe84090 Thread [1824:3376] 0000000073c9c59c Thread [1824:1392] 0000000073c9c59c Thread [1824:3932] 0000000073c9c59c Thread C:\Windows\System32\svchost.exe [4104:5148] 000007feebaa9688 ---- EOF - GMER 2.1 ----