GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-21 21:50:00
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST3500418AS rev.CC38 465,76GB
Running: xtckmqvw.exe; Driver: C:\Users\Xxx\AppData\Local\Temp\uxriqpow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 675                 fffff800031bb093 18 bytes {MOV DWORD [RSP+0x20], 0x7ffffffe; CALL 0xffffffffffff3a3d}
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 694                 fffff800031bb0a6 25 bytes {AND AL, 0x48; CMP R10D, ESI; LEA RBX, [RBX+RAX*2]; JL 0x15; JMP 0x10}

---- Threads - GMER 2.1 ----

Thread    C:\Windows\system32\svchost.exe [244:6432]                                         000007fef0691ab0
Thread    C:\Windows\System32\spoolsv.exe [1252:2692]                                        0000000051073290
Thread    C:\Windows\System32\spoolsv.exe [1252:2732]                                        000007fef75610c8
Thread    C:\Windows\System32\spoolsv.exe [1252:2824]                                        000007fef7536144
Thread    C:\Windows\System32\spoolsv.exe [1252:2828]                                        000007fef9785fd0
Thread    C:\Windows\System32\spoolsv.exe [1252:2832]                                        000007fef74e3438
Thread    C:\Windows\System32\spoolsv.exe [1252:2836]                                        000007fef97863ec
Thread    C:\Windows\System32\spoolsv.exe [1252:2844]                                        000007fef8175e5c
Thread    C:\Windows\System32\spoolsv.exe [1252:2848]                                        000007fef7615074
Thread    C:\Windows\system32\svchost.exe [1440:1740]                                        000007fef9785fd0
Thread    C:\Windows\system32\svchost.exe [1440:1744]                                        000007fef97863ec
Thread    C:\Windows\system32\svchost.exe [1440:2884]                                        000007fef20c8470
Thread    C:\Windows\system32\svchost.exe [1440:2880]                                        000007fef20d2418
Thread    C:\Windows\system32\svchost.exe [1440:3300]                                        000007fef0c8f130
Thread    C:\Windows\system32\svchost.exe [1440:3448]                                        000007fef0c84734
Thread    C:\Windows\system32\svchost.exe [1440:3760]                                        000007fef0c84734
Thread    C:\Windows\System32\svchost.exe [3976:2572]                                        000007fef7999688

---- Registry - GMER 2.1 ----

Reg       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband@FavoritesChanges  35

---- Files - GMER 2.1 ----

File      C:\Program Files (x86)\Mobogenie\mobogenie.apk                                     0 bytes
File      C:\Program Files (x86)\Mobogenie\Mobogenie.exe                                     0 bytes
File      C:\Program Files (x86)\Mobogenie\Mobogenie.url                                     0 bytes
File      C:\Program Files (x86)\Mobogenie\msvcp100.dll                                      0 bytes
File      C:\Program Files (x86)\Mobogenie\msvcr100.dll                                      0 bytes
File      C:\Program Files (x86)\Mobogenie\MUServer.apk                                      0 bytes
File      C:\Program Files (x86)\Mobogenie\OutlookOperatorC.exe                              0 bytes
File      C:\Program Files (x86)\Mobogenie\phonon4.dll                                       0 bytes
File      C:\Program Files (x86)\Mobogenie\phonon_backend                                    0 bytes

---- EOF - GMER 2.1 ----