GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-25 20:15:09
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GT00 596,17GB
Running: t7gfg2co.exe; Driver: C:\Users\Toshiba\AppData\Local\Temp\pwliypog.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\XSManager\XSManager.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000754a1465 2 bytes [4A, 75]
.text C:\Program Files (x86)\XSManager\XSManager.exe[4404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754a14bb 2 bytes [4A, 75]
.text ... * 2

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 9298
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 3498
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Linkage@Bind \Device\{5317F8A5-B4AD-4768-BFDA-6DF23C96176F}?\Device\{2BFD1D74-2C31-4D6B-9A94-7C1FD023142B}?\Device\{D46A08DA-12F6-428C-B56D-EF5C19C2D358}?\Device\{B8A3E010-C96B-481C-B9AE-DF723D9A6D4C}?\Device\{61AF17F8-0484-4DB6-9432-15E18FBF86A4}?\Device\{E23BD494-62CA-4E34-A297-6AA939697462}?
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5317F8A5-B4AD-4768-BFDA-6DF23C96176F}@DhcpIPAddress 109.84.16.111
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5317F8A5-B4AD-4768-BFDA-6DF23C96176F}@DhcpSubnetMask 255.255.255.255
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5317F8A5-B4AD-4768-BFDA-6DF23C96176F}@NameServer 139.7.30.125 139.7.30.126

---- EOF - GMER 2.1 ----