GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-03-24 15:24:26 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600BEVT-22ZCT0 rev.11.01A11 149,05GB Running: okbq76gl.exe; Driver: C:\Users\Ilona\AppData\Local\Temp\fwddakod.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000154c00 7 bytes [00, 93, F3, FF, 41, A4, F0] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000154c08 3 bytes [00, 07, 02] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076718791 4 bytes [C2, 04, 00, 00] .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075d81401 2 bytes JMP 7673b21b C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075d81419 2 bytes JMP 7673b346 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075d81431 2 bytes JMP 767b8ea9 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000075d8144a 2 bytes CALL 767148ad C:\Windows\syswow64\kernel32.dll .text ... * 9 .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000075d814dd 2 bytes JMP 767b87a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000075d814f5 2 bytes JMP 767b8978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000075d8150d 2 bytes JMP 767b8698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075d81525 2 bytes JMP 767b8a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000075d8153d 2 bytes JMP 7672fca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075d81555 2 bytes JMP 767368ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000075d8156d 2 bytes JMP 767b8f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075d81585 2 bytes JMP 767b8ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000075d8159d 2 bytes JMP 767b865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000075d815b5 2 bytes JMP 7672fd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000075d815cd 2 bytes JMP 7673b2dc C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000075d816b2 2 bytes JMP 767b8e24 C:\Windows\syswow64\kernel32.dll .text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1436] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000075d816bd 2 bytes JMP 767b85f1 C:\Windows\syswow64\kernel32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 00000000741311a8 2 bytes [13, 74] .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 248 000000007413127d 2 bytes CALL 767114b9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 395 0000000074131310 2 bytes CALL 767114b9 C:\Windows\syswow64\kernel32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 00000000741313a8 2 bytes [13, 74] .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 0000000074131422 2 bytes [13, 74] .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 0000000074131498 2 bytes [13, 74] .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextCreate + 4 0000000073d61825 2 bytes JMP 75666125 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroy + 4 0000000073d61830 2 bytes JMP 75666145 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroyAll + 4 0000000073d6183b 2 bytes JMP 75666165 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dDrawPrimitives2 + 4 0000000073d61846 2 bytes JMP 75665a05 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dValidateTextureStageState + 4 0000000073d61851 2 bytes JMP 75666185 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAddAttachedSurface + 4 0000000073d6185c 2 bytes JMP 75666265 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAlphaBlt + 4 0000000073d61867 2 bytes JMP 75666285 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAttachSurface + 4 0000000073d61872 2 bytes JMP 756662a5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBeginMoCompFrame + 4 0000000073d6187d 2 bytes JMP 756662c5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBlt + 4 0000000073d61888 2 bytes JMP 75665a25 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateD3DBuffer + 4 0000000073d61893 2 bytes JMP 756662e5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateSurface + 4 0000000073d6189e 2 bytes JMP 75665aa5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdColorControl + 4 0000000073d618a9 2 bytes JMP 75666305 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateD3DBuffer + 4 0000000073d618b4 2 bytes JMP 75666325 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateDirectDrawObject + 4 0000000073d618bf 2 bytes JMP 75631fcb C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateMoComp + 4 0000000073d618ca 2 bytes JMP 75666365 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurface + 4 0000000073d618d5 2 bytes JMP 75665ac5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceEx + 4 0000000073d618e0 2 bytes JMP 75665b45 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceObject + 4 0000000073d618eb 2 bytes JMP 75665b65 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteDirectDrawObject + 4 0000000073d618f6 2 bytes JMP 756668c5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteSurfaceObject + 4 0000000073d61901 2 bytes JMP 75665a85 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyD3DBuffer + 4 0000000073d6190c 2 bytes JMP 756668e5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyMoComp + 4 0000000073d61917 2 bytes JMP 75666925 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroySurface + 4 0000000073d61922 2 bytes JMP 75665ae5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdEndMoCompFrame + 4 0000000073d6192d 2 bytes JMP 75666945 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlip + 4 0000000073d61938 2 bytes JMP 75666965 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlipToGDISurface + 4 0000000073d61943 2 bytes JMP 75666985 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetAvailDriverMemory + 4 0000000073d6194e 2 bytes JMP 756669a5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetBltStatus + 4 0000000073d61959 2 bytes JMP 756669c5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDC + 4 0000000073d61964 2 bytes JMP 756669e5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverInfo + 4 0000000073d6196f 2 bytes JMP 75666a05 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverState + 4 0000000073d6197a 2 bytes JMP 75666a25 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDxHandle + 4 0000000073d61985 2 bytes JMP 75666a45 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetFlipStatus + 4 0000000073d61990 2 bytes JMP 75666a65 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetInternalMoCompInfo + 4 0000000073d6199b 2 bytes JMP 75666a85 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompBuffInfo + 4 0000000073d619a6 2 bytes JMP 75666aa5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompFormats + 4 0000000073d619b1 2 bytes JMP 75666ac5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompGuids + 4 0000000073d619bc 2 bytes JMP 75666ae5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetScanLine + 4 0000000073d619c7 2 bytes JMP 75666b05 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLock + 4 0000000073d619d2 2 bytes JMP 75666b25 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLockD3D + 4 0000000073d619dd 2 bytes JMP 75665b85 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryDirectDrawObject + 4 0000000073d619e8 2 bytes JMP 75666b65 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryMoCompStatus + 4 0000000073d619f3 2 bytes JMP 75666b85 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReenableDirectDrawObject + 4 0000000073d619fe 2 bytes JMP 75666bc3 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReleaseDC + 4 0000000073d61a09 2 bytes JMP 75666be3 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdRenderMoComp + 4 0000000073d61a14 2 bytes JMP 75666c03 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdResetVisrgn + 4 0000000073d61a1f 2 bytes JMP 75665b05 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetColorKey + 4 0000000073d61a2a 2 bytes JMP 75666c23 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetExclusiveMode + 4 0000000073d61a35 2 bytes JMP 75666c43 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetGammaRamp + 4 0000000073d61a40 2 bytes JMP 75666c63 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetOverlayPosition + 4 0000000073d61a4b 2 bytes JMP 75666c83 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnattachSurface + 4 0000000073d61a56 2 bytes JMP 75666ca3 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlock + 4 0000000073d61a61 2 bytes JMP 75666cc3 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlockD3D + 4 0000000073d61a6c 2 bytes JMP 75665ba5 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUpdateOverlay + 4 0000000073d61a77 2 bytes JMP 75666ce3 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 4 0000000073d61a82 2 bytes JMP 75666d03 C:\Windows\syswow64\GDI32.dll .text C:\Windows\snuvcdsm.exe[2204] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 52 0000000073d61ab2 2 bytes JMP 774edc75 C:\Windows\syswow64\msvcrt.dll ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\Explorer.EXE[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\Explorer.EXE[USER32.dll!DeferWindowPos] [7fef7cb1e30] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\Explorer.EXE[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\Explorer.EXE[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SHELL32.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SHELL32.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SHELL32.dll[USER32.dll!DeferWindowPos] [7fef7cb1e30] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SHELL32.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\ole32.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\EXPLORERFRAME.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\DUser.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\DUI70.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\IMM32.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\IMM32.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\MSCTF.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\MSCTF.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\MSCTF.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\UxTheme.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SETUPAPI.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\SETUPAPI.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!DeferWindowPos] [7fef7cb1e30] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\CLBCatQ.DLL[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\System32\cscui.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\ntshrui.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\ntshrui.dll[USER32.dll!DeferWindowPos] [7fef7cb1e30] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\ATL.DLL[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\ATL.DLL[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\System32\shdocvw.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\System32\shdocvw.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\msutb.dll[USER32.dll!MoveWindow] [7fef7cb1ad0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\msutb.dll[USER32.dll!EndPaint] [7fef7cb1fe0] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll IAT C:\Windows\Explorer.EXE[832] @ C:\Windows\system32\msutb.dll[USER32.dll!SetWindowPos] [7fef7cb1c70] C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll ---- EOF - GMER 2.1 ----