GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-10-27 14:38:46
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST500LM012_HN-M500MBB rev.2AR10001 465.76GB
Running: xmv5mqs2.exe; Driver: C:\Users\Monte\AppData\Local\Temp\ugloypow.sys


---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                               unknown MBR code

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [1000:460]                          000007fefb62f2c0
Thread  C:\Windows\System32\svchost.exe [1000:388]                          000007fefb5a6204
Thread  C:\Windows\System32\svchost.exe [1000:1088]                         000007fefa9a331c
Thread  C:\Windows\System32\svchost.exe [1000:1192]                         000007fefa4359a0
Thread  C:\Windows\System32\svchost.exe [1000:2204]                         000007fef6df20c0
Thread  C:\Windows\System32\svchost.exe [1000:2220]                         000007fef6df26a8
Thread  C:\Windows\System32\svchost.exe [1000:2228]                         000007fef6df29dc
Thread  C:\Windows\System32\svchost.exe [1000:3436]                         000007fef7d244d0
Thread  C:\Windows\System32\svchost.exe [1000:3708]                         000007fefc4d1a70
Thread  C:\Windows\System32\svchost.exe [1000:3716]                         000007fefcf5c608
Thread  C:\Windows\System32\svchost.exe [1000:3784]                         000007fefcf5c608
Thread  C:\Windows\System32\svchost.exe [1000:3788]                         000007fefcf5c608
Thread  C:\Windows\System32\svchost.exe [1000:3712]                         000007fefcf5c608
Thread  C:\Windows\System32\svchost.exe [1000:3776]                         000007fefcf5c608
Thread  C:\Windows\System32\svchost.exe [1000:4484]                         000007fee7053efc
Thread  C:\Windows\System32\svchost.exe [1000:4532]                         000007fee7158a4c
Thread  C:\Windows\System32\svchost.exe [1000:3836]                         000007fef80089b8
Thread  C:\Windows\system32\svchost.exe [164:5044]                          000007fef6bbb1b0
Thread  C:\Windows\system32\svchost.exe [376:5040]                          000007fef7fa5124
Thread  C:\Windows\system32\svchost.exe [376:4260]                          000007fef6844164
Thread  C:\Windows\system32\svchost.exe [1116:1152]                         000007fefa81341c
Thread  C:\Windows\system32\svchost.exe [1116:1156]                         000007fefa813a2c
Thread  C:\Windows\system32\svchost.exe [1116:1160]                         000007fefa815c20
Thread  C:\Windows\system32\svchost.exe [1116:1164]                         000007fefa813768
Thread  C:\Windows\system32\svchost.exe [1116:1944]                         000007fef804bd70
Thread  C:\Windows\system32\svchost.exe [1116:2908]                         000007fefa813900
Thread  C:\Windows\system32\svchost.exe [1116:3904]                         000007fef5ce5170
Thread  C:\Windows\system32\svchost.exe [1116:4400]                         000007fef7fa5124
Thread  C:\Windows\System32\spoolsv.exe [1328:1796]                         000007fef72e10c8
Thread  C:\Windows\System32\spoolsv.exe [1328:188]                          000007fef7146144
Thread  C:\Windows\System32\spoolsv.exe [1328:1716]                         000007fef6f35fd0
Thread  C:\Windows\System32\spoolsv.exe [1328:1720]                         000007fef6f23438
Thread  C:\Windows\System32\spoolsv.exe [1328:2052]                         000007fef6f363ec
Thread  C:\Windows\System32\spoolsv.exe [1328:2060]                         000007fef73d5e5c
Thread  C:\Windows\system32\svchost.exe [1452:1820]                         000007fef8f035c0
Thread  C:\Windows\system32\svchost.exe [1452:2200]                         000007fef8f05600
Thread  C:\Windows\system32\svchost.exe [1452:2272]                         000007fef69b2940
Thread  C:\Windows\system32\svchost.exe [1452:2916]                         000007fef5c42888
Thread  C:\Windows\system32\svchost.exe [1452:4252]                         000007fef5c42a40
Thread  C:\Windows\System32\svchost.exe [1768:2000]                         000007fef83f0360
Thread  C:\Windows\System32\svchost.exe [1768:2004]                         000007fef83ce460
Thread  C:\Windows\System32\svchost.exe [1768:2008]                         000007fef83ce450
Thread  C:\Windows\System32\svchost.exe [1768:2012]                         000007fef8395570
Thread  C:\Windows\System32\svchost.exe [1768:2016]                         000007fef83ca130
Thread  C:\Windows\System32\svchost.exe [1768:2020]                         000007fef8395560
Thread  C:\Windows\System32\svchost.exe [1768:2024]                         000007fef84182a0
Thread  C:\Windows\system32\taskhost.exe [2644:2864]                        000007fef66d1f38
Thread  C:\Windows\system32\taskhost.exe [2644:3656]                        000007fef5ce5170
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3252]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3256]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3260]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3264]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3268]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3272]  000007feed500b30
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3408]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3412]  000007feed4efb80
Thread  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2940:3416]  000007feed4efb80
Thread  C:\Windows\System32\svchost.exe [3868:4160]                         000007fef5ce5170

---- EOF - GMER 2.1 ----