GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-07-28 15:08:41
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS543232A7A384 rev.ES2OA60W 298,09GB
Running: rf0dri1h.exe; Driver: C:\Users\User\AppData\Local\Temp\pxrdypoc.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\AUDIODG.EXE [316:17376] 000000007014b5b0
Thread C:\Windows\system32\AUDIODG.EXE [316:20228] 000000007014b730
Thread C:\Windows\system32\AUDIODG.EXE [316:11996] 000000007014bae4
Thread C:\Windows\system32\AUDIODG.EXE [316:3528] 000000007015a7e4
Thread C:\Windows\system32\AUDIODG.EXE [316:17328] 000000007015a948
Thread C:\Windows\system32\AUDIODG.EXE [316:22872] 000000007015a508
Thread C:\Windows\system32\AUDIODG.EXE [316:23464] 000000007015a7e4
Thread C:\Windows\system32\AUDIODG.EXE [316:18484] 000000007015a948
Thread C:\Windows\system32\AUDIODG.EXE [316:21828] 000000007015a508

---- Processes - GMER 2.1 ----

Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580] 000000006fbc0000
Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580](2013-12-23 17:21:43) 000000006e940000
Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580](2 000000006a1c0000
Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580](2013-12-23 17:21:43) 000000006ff00000
Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580](2013-12-23 17:21:43) 000000006efc0000
Library C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll (*** suspicious ***) @ C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe [1580](201 000000006ed40000

---- EOF - GMER 2.1 ----