GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-01-08 21:54:12 Windows 6.1.7600 Running: rxdvgrx9.exe ---- Files - GMER 1.0.15 ---- File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Elite-Forces-Warfare-2[1].jpg 37757 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\061507_1379[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\061524_1292[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\index[1].css 1544 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Infinite[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\inpage_topic_all_bg[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\inpage_untopic_parts_bg_001[1].gif 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\inpage_untopic_tra_bg[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\China_report_20101220_COTV[1].jpg_120 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Christmas-Gifts-Chaser[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Christmas-Surprise-Sleigh[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\city_focus[1].jpg 25919 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\369619_100003228924408_1366849333_q[1].jpg 2653 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Adding-Fractions[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Halloween-Motorbike[1].jpg 18582 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\pm_728_90[4].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\visit[1].js 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\37536[1].gif 43 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\3D-Monster-Truck-Tower[1].jpg 35155 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\paging_bg_long[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\cTagsImgCmd[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\moogalover[1].swf 34608 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\mouse-is-hungry[1].jpg 2185 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\learning[1].jpg 21462 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Sensou-1.5[1].jpg 2904 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Tipsy-Drive[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Blue-House-Hidden-Objects[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\build_creative[1].htm 2976 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\alphabird2[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Winter-Race[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Witching-Hour[1].jpg 5166 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\Wonderputt[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\ddc[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\ads[2].js 10428 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\152306_1249[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0EKTZFSW\b592a7a960673287abae085078d38806[1].gif 15615 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\01[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\travel_videoplayer[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\beacons[1].txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\data[4].gif 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\invisible[1].gif 43 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\CD_Form_MultiWVMFS_728x90[1].swf 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Adobe_AX%20DR_Unknown_728x90_IMG[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\tags[1].js 32879 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\XGuBdjJaGbg[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Zombie-Apocalypse[1].jpg 9405 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\tt[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\idc-color-1223[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\idc-m-loading[1].gif 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\4721[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[2].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[3].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[4].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[5].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[6].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ddc[7].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\dea15b8f3f37b909acf6430e837812f2[1].swf 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\default[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\js[3].js 1304 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Sensou[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Christmas---Coal-Mine-Escape[1].png 3796 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\134819_1475[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ads[6].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ads[7].htm 3955 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\dvtp_src[1].js 4906 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\errorPageStrings[1] 2013 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ErrorPageTemplate[1] 2168 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Ether-Cannon[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\flower-puzzle[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\flowplayer-3.2.6.min[1].js 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\flowplayer.playlist-3.0.8.min[1].js 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\if[2].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\iklunix_net[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\728[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Fvideo%252F%253Fcv1%253De92%253Fadv%253D559707%2526cam%253D269008%2526req%253D4f0a78ab42b1c6d9d1d5ffc.2[1].htm 526 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Fvideo%252F%253Fcv1%253De92%253Fadv%253D559707%2526cam%253D269008%2526req%253D4f0a78ab42b1c6d9d1d5ffc.2[2].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\text_group[3].js 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\tiny_rating_half[1].png 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Pinata-hunter[1].jpg 29109 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Pinky-Barbie[1].jpg 3479 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\st[1] 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\st[5] 4475 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\api[3].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ar_300_250[2].htm 803 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\ar_728_90[1].htm 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\background_gradient[1] 453 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Rack-Em-Up-8-Ball[1].jpg 4401 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\remoteVisit[3].gif 58 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\3358[1].gif 62 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\script250[1].js 4138 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Buckingham-Palace[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\CD_NewCelebrity_Chaz_FS_728x90[1].swf 35023 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\GCW_Gen_300x250_v1[1].swf 23478 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\House-of-Horror[1].jpg 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\Fast-Break[1].jpg 11015 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1FRQ1H4B\fece575bec727768a68d94073e100521[1].jpg 30733 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\fla2E7B.tmp 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\fla3467.tmp 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\fla7177.tmp 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\flaD952.tmp 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\AQDUBOS3.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\BHWDHWSL.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\PF69T0KD.txt 1275 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\QH4680RB.txt 634 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\M915UCY2.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\UU3SJHXR.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\EL98F59S.txt 98 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\XZYMF6J1.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\IQXQK271.txt 0 bytes File C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\O56M691Y.txt 911 bytes ---- EOF - GMER 1.0.15 ----