GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-21 12:41:40
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 HGST_HTS545050A7E680 rev.GG2OAF10 465,76GB
Running: gmer.exe; Driver: C:\Users\Asus\AppData\Local\Temp\kxdirpoc.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\Explorer.EXE[1260] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fcaf48177a 4 bytes [48, AF, FC, 07]
.text C:\Windows\Explorer.EXE[1260] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fcaf481782 4 bytes [48, AF, FC, 07]

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\csrss.exe [464:480] fffff960008c35e8

---- Processes - GMER 2.1 ----

Library C:\Users\Asus\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [1356] (Chromium/The Chromium Authors)(2013-12-05 18:21:02) 0000000071960000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [1356] (ICU Data DLL/The ICU Project)(2013-09-07 02:11:12) 0000000070980000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\libPokki.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248] (Chromium/The Chromium Authors)(2013-12-05 18:21:02) 0000000071960000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\icudt.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248] (ICU Data DLL/The ICU Project)(2013-09-07 02:11:12) 0000000070980000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248](2013-09-07 02:11:12) 000000006b320000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\avcodec-54.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248](2013-09-07 02:11:12) 000000006b030000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\avutil-51.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248](2013-09-07 02:11:12) 000000006b000000
Library C:\Users\Asus\AppData\Local\Pokki\Engine\avformat-54.dll (*** suspicious ***) @ C:\Users\Asus\AppData\Local\Pokki\Engine\pokki.exe [248](2013-09-07 02:11:12) 000000006af70000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----