GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-07-23 13:49:32
Windows 6.2.9200 x64
\Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5003AZEX-00K1GA0 rev.80.00A80 465,76GB
Running: ieogyyw9.exe; Driver: C:\Users\FIKUMI~1\AppData\Local\Temp\pxloypow.sys

---- Kernel code sections - GMER 2.1 ----

.text  C:\Windows\system32\ntoskrnl.exe!KiCpuId + 988  fffff801be65f41c 1 byte [31]

---- User code sections - GMER 2.1 ----

.text  C:\Windows\Explorer.EXE[360] C:\Windows\SYSTEM32\ntdll.dll!NtQueryLicenseValue  000007f9973d3f11 6 bytes JMP 000007fa90e63ff0
.text  C:\Windows\Explorer.EXE[360] C:\Windows\system32\KERNELBASE.dll!GetModuleFileNameW  000007f994462110 5 bytes JMP 000007fa90e64830
.text  C:\Windows\Explorer.EXE[360] C:\Windows\SYSTEM32\slc.dll!SLIsWindowsGenuineLocal  000007f99220d724 7 bytes JMP 000007fa90e64160
.text  C:\Windows\Explorer.EXE[360] C:\Windows\SYSTEM32\sppc.dll!SLIsGenuineLocalEx  000007f98f43cbf4 5 bytes JMP 000007f990e64180
.text  C:\Windows\Explorer.EXE[360] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 742  000007f991211b32 4 bytes [21, 91, F9, 07]
.text  C:\Windows\Explorer.EXE[360] C:\Windows\SYSTEM32\WSOCK32.dll!recvfrom + 750  000007f991211b3a 4 bytes [21, 91, F9, 07]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [444:476]  fffff9600076b5e8

---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed  -164819376

---- EOF - GMER 2.1 ----