GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-20 00:06:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST500LM0 rev.SM14 465,76GB
Running: 38b7cp3q.exe; Driver: c:\Temp\kgtoraod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528    fffff80002db8000 63 bytes [43, 4D, 33, 31, 05, 00, 00, ...]
INITKDBG  C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 592    fffff80002db8040 13 bytes [01, 90, F5, 0A, A0, F8, FF, ...]

---- User code sections - GMER 2.1 ----

.text   C:\Users\Administrator\Downloads\OTL.exe[4716] C:\windows\syswow64\PSAPI.dll!GetModuleInformation + 69     0000000076191465 2 bytes [19, 76]
.text   C:\Users\Administrator\Downloads\OTL.exe[4716] C:\windows\syswow64\PSAPI.dll!GetModuleInformation + 155    00000000761914bb 2 bytes [19, 76]
.text   ...    * 2

---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)         000000006fbc0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)   000000006e940000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)          000000006a1c0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)       000000006ff00000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)    000000006efc0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)           000000006ed40000

---- EOF - GMER 2.1 ----
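The scan output above is GMER's flat text layout: a "---- <name> - GMER <version> ----" header per section, code-section entries of the form "<section> <target> <address> <n> bytes [..]", a collapsed "... * N" line for repeated entries, and "Library <path> (*** suspicious ***) @ <process> [pid](timestamp) <base>" lines under Processes. The following is an added example, not part of the scan log and not GMER's own code, that parses that layout so the flagged libraries, kernel code modifications and hooked user-mode symbols can be pulled out programmatically. The sample input is constructed from lines in the layout shown above plus one unflagged Library line added for contrast; the names parse_gmer, suspicious_libraries, kernel_patches and hooked_symbols are this example's own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample in the GMER layout: lines taken from the log above plus
# one unflagged "Library" line (kernel32.dll in explorer.exe) added for contrast.
SAMPLE_LOG = r"""GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-09-20 00:06:22

---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528    fffff80002db8000 63 bytes [43, 4D, 33, 31, 05, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text   C:\Users\Administrator\Downloads\OTL.exe[4716] C:\windows\syswow64\PSAPI.dll!GetModuleInformation + 69     0000000076191465 2 bytes [19, 76]
.text   ...    * 2

---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [1424](2014-08-16 18:13:04)   000000006fbc0000
Library  C:\windows\system32\kernel32.dll @ C:\windows\explorer.exe [1000](2014-08-16 18:13:04)   0000000077000000

---- EOF - GMER 2.1 ----
"""

SECTION_RE = re.compile(r"^---- (?P<name>.+?) - GMER [\d.]+ ----$")
CODE_RE = re.compile(
    r"^(?P<section>\S+)\s+(?P<target>.+?)\s+(?P<addr>[0-9a-fA-F]{16})\s+"
    r"(?P<nbytes>\d+) bytes \[(?P<bytes>.+)\]$")
COLLAPSED_RE = re.compile(r"^(?P<section>\S+)\s+\.\.\.\s+\* (?P<count>\d+)$")
LIBRARY_RE = re.compile(
    r"^Library\s+(?P<path>.+?)(?P<flag> \(\*\*\* suspicious \*\*\*\))? @ "
    r"(?P<process>.+?) \[(?P<pid>\d+)\]\((?P<stamp>[^)]+)\)\s+(?P<base>[0-9a-fA-F]{16})$")
SYMBOL_RE = re.compile(r"(?P<module>\S+)!(?P<symbol>\S+) \+ (?P<offset>\d+)")


@dataclass
class CodePatch:
    section: str            # PE section GMER reports (INITKDBG, .text, ...)
    target: str             # module!symbol + offset, prefixed by the owning process for user hooks
    address: int
    nbytes: int
    first_bytes: List[int]  # bytes listed before GMER's "..." truncation


@dataclass
class LoadedLibrary:
    path: str
    process: str
    pid: int
    base: int
    flagged: bool           # True when GMER printed "(*** suspicious ***)"


def _parse_bytes(text: str) -> List[int]:
    # GMER truncates long byte lists with "..."; keep only the concrete values.
    return [int(t, 16) for t in (x.strip() for x in text.split(",")) if t != "..."]


def parse_gmer(log: str) -> Dict[str, list]:
    """Split a GMER log into its '---- X - GMER ----' sections and parse each entry."""
    sections: Dict[str, list] = {"Header": []}
    current = "Header"
    for raw in log.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if (m := SECTION_RE.match(line)):
            current = m.group("name")
            sections.setdefault(current, [])
        elif (m := COLLAPSED_RE.match(line)):
            sections[current].append({"collapsed": int(m.group("count"))})
        elif (m := LIBRARY_RE.match(line)):
            sections[current].append(LoadedLibrary(
                path=m.group("path"), process=m.group("process"),
                pid=int(m.group("pid")), base=int(m.group("base"), 16),
                flagged=m.group("flag") is not None))
        elif (m := CODE_RE.match(line)):
            sections[current].append(CodePatch(
                section=m.group("section"), target=m.group("target"),
                address=int(m.group("addr"), 16), nbytes=int(m.group("nbytes")),
                first_bytes=_parse_bytes(m.group("bytes"))))
        else:
            sections[current].append(line)  # banner lines and anything unrecognised
    return sections


def suspicious_libraries(log: str) -> List[LoadedLibrary]:
    """Only the Library entries GMER itself marked as suspicious."""
    return [e for e in parse_gmer(log).get("Processes", [])
            if isinstance(e, LoadedLibrary) and e.flagged]


def kernel_patches(log: str) -> List[CodePatch]:
    """Byte differences GMER reported inside kernel code sections."""
    return [e for e in parse_gmer(log).get("Kernel code sections", [])
            if isinstance(e, CodePatch)]


def hooked_symbols(log: str) -> List[str]:
    """'module!symbol' for each user-mode code modification, module reduced to its basename."""
    out = []
    for e in parse_gmer(log).get("User code sections", []):
        if isinstance(e, CodePatch) and (m := SYMBOL_RE.search(e.target)):
            out.append(f"{m.group('module').rsplit(chr(92), 1)[-1]}!{m.group('symbol')}")
    return out


if __name__ == "__main__":
    for lib in suspicious_libraries(SAMPLE_LOG):
        print(f"suspicious: {lib.path} in {lib.process} [{lib.pid}] @ {lib.base:#x}")
    for p in kernel_patches(SAMPLE_LOG):
        print(f"kernel: {p.section} {p.target} @ {p.address:#x} ({p.nbytes} bytes)")
    print("user hooks:", hooked_symbols(SAMPLE_LOG))
```

The "(*** suspicious ***)" marker is GMER's own heuristic flag on a loaded module, not a malware verdict; the parser only surfaces what the tool flagged, and each path still needs its signer and hash checked before anything is removed. The collapsed ".text ... * 2" line is kept as a count so that the number of hooks in a process is not silently under-reported.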