GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-03-13 18:54:23 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST975042 rev.0002 698,64GB Running: gmer.exe; Driver: C:\Users\Gabus\AppData\Local\Temp\awddqkod.sys ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_CxxThrowException] [ff6076adff6177ae] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__CxxFrameHandler3] [ff5e74acff5f75ac] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fclose] [ff5e73abff5f74ab] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fflush] [ff5c72a9ff5c72aa] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fgetc] [ff5b71a9ff5c71a9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fgetpos] [ff596fa8ff5a70a8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fsetpos] [ff586ea7ff596fa7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_fseeki64] [ff576da6ff576da6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fwrite] [ff566ca4ff566ca5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!setvbuf] [ff546ba3ff556ba4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!ungetc] [ff5369a2ff5469a3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_lock_file] [ff5168a1ff5269a2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_unlock_file] [ff5167a0ff5167a1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memcpy_s] [ff4f65a0ff4f66a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_fsopen] [ff4d659fff4e659f] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fseek] [ff4c639eff4d649e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wfsopen] [ff4b629cff4c639d] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?__ExceptionPtrDestroy@@YAXPEAX@Z] [ff4a619cff4b619c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?__ExceptionPtrCopy@@YAXPEAXPEBX@Z] [ff49609bff49619b] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?__ExceptionPtrRethrow@@YAXPEBX@Z] [ff475e9aff485f9a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z] [ff475d98ff475e99] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?set@event@Concurrency@@QEAAXXZ] [ff455c97ff465c98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!ldexp] [ff445b97ff455b98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!sprintf_s] [ff435a96ff435b96] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!strcspn] [ff415995ff435996] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!wcslen] [ff415794ff415995] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_Strftime] [ff405794ff405794] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_Wcsftime] [ff3f5692ff3f5693] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!strcmp] [ff3c528aff3e5592] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!setlocale] [ff778cbeff3c528a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_malloc_crt] [ff768abeff768bbe] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_realloc_crt] [ff758abdff758abd] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z] [ff7488bcff7589bd] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fgetwc] [ff7387bcff7388bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fputwc] [ff7286baff7287ba] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!ungetwc] [ff7186baff7186ba] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__uncaught_exception] [ff7084b9ff7085b9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!towupper] [ff6e83b8ff6f84b8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!towlower] [ff6e83b7ff6e83b7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_errno] [ff6c81b6ff6d82b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memcmp] [ff6a80b4ff6c80b5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wcsdup] [ff6a7eb4ff6a80b4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!___lc_locale_name_func] [ff697eb3ff687eb4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!___lc_collate_cp_func] [ff677cb2ff687db2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtCompareStringA] [ff667bb1ff667cb2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtLCMapStringA] [ff647ab0ff657bb1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!___lc_codepage_func] [ff6478afff6479b0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_ismbblead] [ff6277aeff6278ae] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!remove] [ff6076adff6177ae] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!rename] [ff5f75acff5f76ad] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wremove] [ff5e74abff5f75ac] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wgetcwd] [ff5d73aaff5e73aa] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wchdir] [ff5c71a9ff5c71a9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wmkdir] [ff5a70a8ff5b71a9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wrmdir] [ff596fa6ff5970a7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_wrename] [ff576da6ff586ea6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_getcwd] [ff566ca4ff566da5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_chdir] [ff556ba4ff566ca5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_mkdir] [ff546aa3ff546ba3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_rmdir] [ff5268a2ff5269a2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtIsPackagedApp] [ff5167a1ff5268a1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtCreateSymbolicLinkW] [ff5066a0ff5067a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!calloc] [ff4f659fff4f659f] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?what@exception@std@@UEBAPEBDXZ] [ff4d639eff4e649e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1_Condition_variable@details@Concurrency@@QEAA@XZ] [ff4c629dff4d639e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?wait@_Condition_variable@details@Concurrency@@QEAAXAEAVcritical_section@3@@Z] [ff4b629cff4b619c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?wait_for@_Condition_variable@details@Concurrency@@QEAA_NAEAVcritical_section@3@I@Z] [ff49609bff4a619b] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?notify_one@_Condition_variable@details@Concurrency@@QEAAXXZ] [ff485f9aff495f9b] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?notify_all@_Condition_variable@details@Concurrency@@QEAAXXZ] [ff475e99ff485e99] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_beginthreadex] [ff465d98ff465d98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_endthreadex] [ff455b97ff455c98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0critical_section@Concurrency@@QEAA@XZ] [ff435a96ff445b97] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1critical_section@Concurrency@@QEAA@XZ] [ff425a96ff435a96] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?lock@critical_section@Concurrency@@QEAAXXZ] [ff415995ff425995] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?try_lock@critical_section@Concurrency@@QEAA_NXZ] [ff405893ff415895] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?try_lock_for@critical_section@Concurrency@@QEAA_NI@Z] [ff3f5693ff405793] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?unlock@critical_section@Concurrency@@QEAAXXZ] [ff3c528aff3e5692] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?terminate@@YAXXZ] [ff778cbeff3c528a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtFlsAlloc] [ff768bbeff778bbe] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtFlsFree] [ff758abdff768bbd] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtFlsGetValue] [ff7489bcff758abc] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtFlsSetValue] [ff7388bcff7488bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0operation_timed_out@Concurrency@@QEAA@XZ] [ff7287bbff7287bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?Alloc@Concurrency@@YAPEAX_K@Z] [ff7186baff7286ba] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPEAX@Z0@Z] [ff6f85b9ff7085b9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0invalid_link_target@Concurrency@@QEAA@PEBD@Z] [ff6f84b8ff7084b8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0message_not_found@Concurrency@@QEAA@XZ] [ff6d83b7ff6e83b7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ] [ff6c81b6ff6d82b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0bad_target@Concurrency@@QEAA@XZ] [ff6b80b5ff6c80b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0invalid_operation@Concurrency@@QEAA@PEBD@Z] [ff6a7fb4ff6a7fb4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?wait@event@Concurrency@@QEAA_KI@Z] [ff687eb3ff697fb4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1event@Concurrency@@QEAA@XZ] [ff677db2ff687eb3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0event@Concurrency@@QEAA@XZ] [ff677cb1ff677cb2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?Free@Concurrency@@YAXPEAX@Z] [ff657ab1ff657bb1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ] [ff6479afff647ab0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z] [ff6278afff6378af] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ] [ff6176adff6177ae] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ] [ff5f76acff6076ad] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z] [ff5f74abff5f75ac] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ] [ff5d73aaff5d74ab] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_Yield@_Context@details@Concurrency@@SAXXZ] [ff5c72a9ff5c72aa] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_UnderlyingYield@details@Concurrency@@YAXXZ] [ff5b70a9ff5b71a9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ] [ff5970a7ff5a70a8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ] [ff586ea6ff596fa7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ] [ff566ca5ff576da5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0task_canceled@Concurrency@@QEAA@XZ] [ff556ba4ff566ca5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1_SpinLock@details@Concurrency@@QEAA@XZ] [ff546aa3ff556ba3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_SpinLock@details@Concurrency@@QEAA@AECJ@Z] [ff5369a2ff536aa3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?Log2@details@Concurrency@@YAK_K@Z] [ff5168a2ff5269a2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_lock] [ff5067a1ff5067a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_unlock] [ff4f669fff5066a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__pctype_func] [ff4d649eff4e659f] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!isupper] [ff4c639dff4d639e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_calloc_crt] [ff4b629dff4b629d] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtGetLocaleInfoEx] [ff4a619bff4a619c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!islower] [ff49609aff49609b] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtLCMapStringW] [ff475e99ff485e9a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!isspace] [ff465d98ff465d99] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!tolower] [ff455c97ff465d98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memchr] [ff445b96ff445b97] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!sqrt] [ff435a96ff435a96] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!isdigit] [ff415895ff425995] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!isalnum] [ff415794ff415895] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtCompareStringW] [ff405793ff405794] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__C_specific_handler] [ff3c528aff3f5693] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__dllonexit] [ff788cbfff3c528a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_onexit] [ff778bbeff778cbe] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__CppXcptFilter] [ff768abdff768bbe] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_amsg_exit] [ff7589bcff758abd] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_initterm] [ff7488bcff7489bc] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_initterm_e] [ff7388bbff7388bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crt_debugger_hook] [ff7286baff7287bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtUnhandledException] [ff7185baff7186b9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtTerminateProcess] [ff6f84b9ff7084b8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtCapturePreviousContext] [ff6e83b7ff6e83b8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!?_type_info_dtor_internal_method@type_info@@QEAAXXZ] [ff6d82b7ff6d83b7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__clean_type_info_names_internal] [ff6b81b6ff6c81b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1bad_cast@std@@UEAA@XZ] [ff6a80b4ff6c80b5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0bad_cast@std@@QEAA@AEBV01@@Z] [ff697eb4ff6a7fb4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_W_Gettnames] [ff687db3ff697eb3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_W_Getmonths] [ff667cb2ff677cb2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_W_Getdays] [ff657bb1ff667cb1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_Gettnames] [ff647aafff657ab0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_Getmonths] [ff6379aeff6379af] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_Getdays] [ff6177adff6278af] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!localeconv] [ff6176adff6176ad] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0bad_cast@std@@QEAA@PEBD@Z] [ff5f75acff6076ad] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??_V@YAXPEAX@Z] [ff5d73abff5f74ab] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??1exception@std@@UEAA@XZ] [ff5c72a9ff5d73aa] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0exception@std@@QEAA@AEBV01@@Z] [ff5b71a8ff5b71a9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0exception@std@@QEAA@AEBQEBDH@Z] [ff5970a8ff5a70a8] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0exception@std@@QEAA@AEBQEBD@Z] [ff596fa6ff596fa7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0exception@std@@QEAA@XZ] [ff576da5ff586da6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memmove] [ff566ca4ff576ca5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!strlen] [ff556ba4ff556ba4] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memcpy] [ff5369a3ff536aa3] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!malloc] [ff5268a1ff5269a2] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!free] [ff5067a0ff5168a1] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!___mb_cur_max_func] [ff5065a0ff5067a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!_purecall] [ff4e659eff4e659f] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!rand_s] [ff4c639eff4d649e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fputs] [ff4b639cff4c639d] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!fputc] [ff4a619bff4b619c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__iob_func] [ff495f9bff4a609c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!abort] [ff485f9aff485f9a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!logf] [ff465d99ff485e99] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!log] [ff455d98ff455d98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!__crtInitializeCriticalSectionEx] [ff445b97ff455c97] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??3@YAXPEAX@Z] [ff435b96ff445b97] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??2@YAPEAX_K@Z] [ff425996ff425a96] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!??0_Condition_variable@details@Concurrency@@QEAA@XZ] [ff415894ff415895] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[MSVCR110.dll!memset] [ff3f5794ff405793] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetCurrentProcessId] [ff4e659fff4f65a0] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!QueryPerformanceCounter] [ff4d649eff4d659f] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!IsProcessorFeaturePresent] [ff4c639dff4d649e] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!IsDebuggerPresent] [ff4a619cff4b629c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetStringTypeW] [ff49609bff4a619c] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetSystemTimeAsFileTime] [ff485f9aff49609b] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetExitCodeThread] [ff475e99ff475f9a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetCurrentThreadId] [ff465c98ff465e99] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetCurrentThread] [ff455c98ff455c98] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetCurrentProcess] [ff435a97ff445b97] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!Sleep] [ff425a96ff435a96] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!WaitForSingleObject] [ff415894ff425a95] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!DuplicateHandle] [ff415894ff415895] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!AreFileApisANSI] [ff3f5693ff405793] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!CreateHardLinkW] [ff3e5692ff3e5692] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!CopyFileW] [ff3c528aff3d5592] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetLastError] [ff778cbeff3c528a] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!CloseHandle] [ff768abdff768bbe] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!SetFileTime] [ff7489bcff7589bd] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetFileInformationByHandle] [ff7489bcff7489bc] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetFileAttributesExW] [ff7287baff7387bb] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!GetDiskFreeSpaceExW] [ff7186baff7287ba] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!FindNextFileW] [ff7085b9ff7185ba] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!FindFirstFileExW] [ff6f84b8ff6f84b9] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!FindClose] [ff6e83b7ff6f83b7] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!CreateFileW] [ff6c82b6ff6d82b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!WideCharToMultiByte] [ff6c81b5ff6c81b6] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!MultiByteToWideChar] [ff6a80b4ff6b80b5] IAT C:\Windows\Explorer.EXE[1364] @ C:\Windows\system32\MSVCP110.dll[KERNEL32.dll!DisableThreadLibraryCalls] [ff6378afff6379af] ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc77372b27b6 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc77372b27b6 (not active ControlSet) ---- EOF - GMER 2.1 ----