Prosím o kontrolu logu - Freezy hry

Dymon · Příspěvekod **Dymon** » 19 dub 2010 17:32

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:01, on 19.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\Hotspot Shield\bin\openvpnas.exe
E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
E:\Program Files\ICQ6Toolbar\ICQ Service.exe
E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\Program Files\winamp\winampa.exe
E:\Program Files\Pošťák\Postak\Postak.exe
E:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program Files\A4Tech\Mouse\Amoumain.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\Opera\opera.exe
E:\Program Files\Ventrilo\Ventrilo.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - E:\Program Files\Pošťák\Postak\SRank.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\winamp\winampa.exe"
O4 - HKLM\..\Run: [SMail] "E:\Program Files\Pošťák\Postak\Postak.exe"
O4 - HKLM\..\Run: [HP Component Manager] "E:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WheelMouse] E:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\sdasdas\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AFProg] E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Download Using &BitSpirit - E:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFE3FAC-4BE7-41F6-B87B-87F2A7DA2B30}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: E:\WINDOWS\system32\wbsys.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: ICQ Service - Unknown owner - E:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 9676 bytes

Reklama

Příspěvekod **jaro3** » 19 dub 2010 18:55

Odinstaluj:
ICQToolBar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\sdasdas\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Dymon · Příspěvekod **Dymon** » 19 dub 2010 21:05

Malwarebytes' Anti-Malware 1.42
Verze databáze: 3300
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19.4.2010 21:05:07
mbam-log-2010-04-19 (21-05-07).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 138794
Uplynulý čas: 11 minute(s), 22 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Jen bych chtěl podotknout, že dnes mi NOD našel 2 viry v "E:\Windows\system32\LPAD32.dll"

Příspěvekod **jaro3** » 19 dub 2010 21:31

OK.

Vypni rez. ochranu u NOD32.

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Dymon · Příspěvekod **Dymon** » 19 dub 2010 22:18

ComboFix 10-04-18.04 - Petr 19.04.2010 22:04:36.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2618 [GMT 2:00]
Spuštěný z: e:\documents and settings\Petr\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-19 do 2010-04-19 )))))))))))))))))))))))))))))))
.

2010-04-19 18:26 . 2010-04-19 18:26 -------- d-----w- e:\documents and settings\Petr\DoctorWeb
2010-04-06 14:18 . 2010-04-06 14:18 -------- d-----w- e:\program files\Cenega Czech
2010-03-24 16:12 . 2010-03-24 16:13 -------- d-----w- e:\program files\A4Tech
2010-03-24 16:00 . 2001-10-24 10:54 12160 -c--a-w- e:\windows\system32\dllcache\mouhid.sys
2010-03-24 16:00 . 2001-10-24 10:54 12160 ----a-w- e:\windows\system32\drivers\mouhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-18 19:18 . 2008-11-21 19:26 -------- d-----w- e:\program files\Nero
2010-04-16 12:13 . 2008-11-22 19:28 -------- d-----w- e:\program files\Common Files\Adobe
2010-04-16 12:05 . 2009-08-09 06:51 -------- d-----w- e:\program files\sdasdas
2010-04-12 15:39 . 2010-01-17 13:52 -------- d-----w- e:\program files\Counter-Strike 1.6
2010-04-07 18:43 . 2010-02-27 20:31 -------- d-----w- e:\program files\ICQ7.0
2010-04-06 18:27 . 2009-07-24 17:36 -------- d-----w- e:\program files\DreamCom
2010-04-06 14:12 . 2002-09-23 12:00 487794 ----a-w- e:\windows\system32\perfh005.dat
2010-04-06 14:12 . 2002-09-23 12:00 101624 ----a-w- e:\windows\system32\perfc005.dat
2010-04-04 11:17 . 2008-11-19 16:55 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-04-04 11:05 . 2010-02-16 18:15 -------- d-----w- e:\program files\Rockstar Games
2010-03-26 20:18 . 2008-11-21 12:29 215104 ----a-w- e:\windows\system32\PnkBstrB.exe
2010-03-26 20:15 . 2008-11-21 12:29 138576 ----a-w- e:\windows\system32\drivers\PnkBstrK.sys
2010-03-23 12:14 . 2008-11-19 17:25 -------- d-----w- e:\program files\Opera
2010-03-20 12:17 . 2008-11-21 12:30 75064 ----a-w- e:\windows\system32\PnkBstrA.exe
2010-03-20 12:17 . 2010-03-20 12:17 794408 ----a-w- e:\windows\system32\pbsvc.exe
2010-03-20 09:59 . 2010-03-20 09:59 -------- d-----w- e:\program files\GamePark
2010-03-19 20:54 . 2009-12-05 17:58 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2010-02-27 20:33 . 2010-02-27 20:33 -------- d-----w- e:\program files\ICQ6Toolbar
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- e:\program files\opera\program\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- e:\program files\opera\program\plugins\ssldivx.dll
2006-05-03 09:06 . 2009-07-07 10:57 163328 --sh--r- e:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2009-07-07 10:57 31232 --sh--r- e:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2009-07-07 10:57 216064 --sh--r- e:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-12-21_19.00.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-04 15:34 . 1996-09-30 18:46 24576 e:\windows\UniFISH.exe
- 2009-10-04 15:34 . 2003-03-08 13:43 24576 e:\windows\UniFISH.exe
+ 2010-02-12 17:17 . 2009-09-04 16:44 69464 e:\windows\system32\XAPOFX1_3.dll
+ 2010-02-12 17:17 . 2008-10-27 09:04 70992 e:\windows\system32\XAPOFX1_2.dll
+ 2010-02-12 17:17 . 2008-07-31 09:41 68616 e:\windows\system32\XAPOFX1_1.dll
+ 2010-02-12 17:17 . 2009-03-16 13:18 22360 e:\windows\system32\X3DAudio1_6.dll
+ 2010-02-12 17:17 . 2008-10-27 09:04 23376 e:\windows\system32\X3DAudio1_5.dll
+ 2008-11-21 20:57 . 2006-06-29 11:07 14048 e:\windows\system32\spmsg2.dll
- 2008-11-21 20:57 . 2006-06-29 12:07 14048 e:\windows\system32\spmsg2.dll
+ 2010-03-24 16:15 . 2007-05-14 21:41 14336 e:\windows\system32\ReinstallBackups\0007\DriverFiles\Amusbprt.sys
- 2002-09-23 12:00 . 2009-11-22 12:34 89922 e:\windows\system32\perfc009.dat
+ 2002-09-23 12:00 . 2010-04-06 14:12 89922 e:\windows\system32\perfc009.dat
- 2008-11-19 17:43 . 2008-11-19 17:43 84661 e:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-11-19 17:43 . 2010-04-15 17:27 84661 e:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2007-05-14 21:41 . 2007-05-14 21:41 14336 e:\windows\system32\drivers\Amusbprt.sys
+ 2007-05-14 21:40 . 2007-05-14 21:40 14336 e:\windows\system32\drivers\Amps2prt.sys
+ 2004-08-17 15:43 . 2008-04-14 06:36 23040 e:\windows\system32\dllcache\mouclass.sys
+ 2007-05-15 09:31 . 2007-05-15 09:31 36864 e:\windows\system32\Amhooker.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 97280 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\DeleteTemp.exe
+ 2008-03-22 08:27 . 2008-03-22 08:27 28302 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\baseline.dat
+ 2008-03-22 08:33 . 2008-03-22 08:33 46096 e:\windows\Microsoft.NET\Framework\v3.5\cs\MSBuild.resources.exe
- 2006-10-31 04:08 . 2006-10-31 04:08 32768 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\WsatConfig.resources.dll
+ 2007-10-15 12:12 . 2007-10-15 12:12 32768 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\WsatConfig.resources.dll
+ 2007-10-15 12:12 . 2007-10-15 12:12 10240 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\SMSvcHost.resources.dll
- 2006-10-31 04:08 . 2006-10-31 04:08 10240 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\SMSvcHost.resources.dll
+ 2007-10-15 12:12 . 2007-10-15 12:12 13824 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ServiceModelReg.resources.dll
- 2006-10-31 04:08 . 2006-10-31 04:08 13824 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ServiceModelReg.resources.dll
- 2006-10-31 04:08 . 2006-10-31 04:08 32768 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ComSvcConfig.resources.dll
+ 2007-10-15 12:12 . 2007-10-15 12:12 32768 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ComSvcConfig.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 22528 e:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0405\mscorsecr.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 22528 e:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0405\mscorsecr.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 77824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Services.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 77824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Services.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Mobile.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Mobile.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 16896 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Transactions.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 16896 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Transactions.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.ServiceProcess.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.ServiceProcess.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 28672 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Security.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 28672 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Security.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 11776 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 11776 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 32768 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Remoting.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 32768 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Remoting.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 77824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Messaging.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 77824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Messaging.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 13312 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Management.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 13312 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Management.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 32768 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.EnterpriseServices.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 32768 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.EnterpriseServices.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 24576 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 24576 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 16896 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.Protocols.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 16896 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.Protocols.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 36864 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.data.sqlxml.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 36864 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.data.sqlxml.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 49152 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 49152 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 28672 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.Install.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 28672 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.Install.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 10752 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\sysglobl.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 10752 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\sysglobl.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 86528 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\ShFusRes.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 11264 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Regasm.Resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 11264 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Regasm.Resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 13824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\MSBuild.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 13824 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\MSBuild.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 57344 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.VisualBasic.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 57344 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.VisualBasic.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 45056 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.JScript.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 45056 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.JScript.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 10240 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Utilities.Resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 10240 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Utilities.Resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 53248 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Engine.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 53248 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Engine.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 36864 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\caspol.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 36864 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\caspol.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regsql.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 40960 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regsql.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 80896 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_rc.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 20480 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\alinkui.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 20480 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\alinkui.dll
+ 2008-03-22 08:00 . 2008-03-22 08:00 25088 e:\windows\Installer\96d9cb.msp
+ 2008-03-22 07:57 . 2008-03-22 07:57 52224 e:\windows\Installer\96d9ca.msp
+ 2010-04-06 13:43 . 2010-04-06 13:43 81408 e:\windows\Installer\96d9a1.msi
+ 2009-05-01 12:44 . 2010-03-08 10:08 22486 e:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\WCESMgrIcon.exe
- 2009-05-01 12:44 . 2009-05-01 12:44 22486 e:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\WCESMgrIcon.exe
+ 2009-05-01 12:44 . 2010-03-08 10:08 22486 e:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\ARPPRODUCTICON.exe
- 2009-05-01 12:44 . 2009-05-01 12:44 22486 e:\windows\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\ARPPRODUCTICON.exe
+ 2010-03-20 09:46 . 2010-03-20 09:46 10134 e:\windows\Installer\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\ARPPRODUCTICON.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 23040 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 23040 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 61440 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 61440 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 27136 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 27136 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 11264 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 11264 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 86016 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 86016 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 12288 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 12288 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-03-20 09:40 . 2010-03-20 09:40 10134 e:\windows\Installer\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\ARPPRODUCTICON.exe
+ 2009-12-21 18:09 . 2009-12-21 18:09 16832 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\ViewerPS.dll
+ 2009-12-21 23:57 . 2009-12-21 23:57 35760 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\reader_sl.exe
+ 2009-12-21 18:02 . 2009-12-21 18:02 79280 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlr.dll
+ 2009-12-21 21:21 . 2009-12-21 21:21 99776 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\eula.exe
+ 2009-12-11 13:57 . 2009-12-11 13:57 70584 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobeextractfiles.dll
+ 2009-12-21 21:37 . 2009-12-21 21:37 27048 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrotextextractor.exe
+ 2009-12-21 16:39 . 2009-12-21 16:39 15288 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32Info.exe
+ 2009-12-21 16:27 . 2009-12-21 16:27 75200 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acroiehelpershim.dll
+ 2009-12-21 16:27 . 2009-12-21 16:27 61888 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroIEHelper.dll
+ 2005-08-09 22:18 . 2005-08-09 22:18 44032 e:\windows\devcon.exe
+ 2008-11-21 21:05 . 2008-11-21 21:05 32768 e:\windows\assembly\temp\6FMT07ELSZ\System.Runtime.Remoting.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 77824 e:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Services.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 77824 e:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Services.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 40960 e:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 40960 e:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 49152 e:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 16896 e:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_cs_b77a5c561934e089\System.Transactions.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 16896 e:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_cs_b77a5c561934e089\System.Transactions.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 40960 e:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 40960 e:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 66616 e:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_cs_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 36864 e:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 36864 e:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 28672 e:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Security.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 28672 e:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Security.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 86016 e:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 11776 e:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 11776 e:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 32768 e:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 32768 e:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 28672 e:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_cs_b03f5f7f11d50a3a\System.Net.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 77824 e:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Messaging.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 77824 e:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Messaging.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 13312 e:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Management.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 13312 e:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Management.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 10752 e:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_cs_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 20480 e:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_cs_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 20480 e:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_cs_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 53248 e:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 53248 e:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 61440 e:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 61440 e:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 32768 e:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 32768 e:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 24576 e:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 24576 e:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 40960 e:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 40960 e:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 16896 e:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 16896 e:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 36864 e:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_cs_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 36864 e:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_cs_b77a5c561934e089\system.data.sqlxml.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 36864 e:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_cs_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 53248 e:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 57344 e:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_cs_b77a5c561934e089\System.Core.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 49152 e:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 49152 e:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 28672 e:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 28672 e:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 10752 e:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_cs_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 10752 e:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_cs_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 57344 e:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 57344 e:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 28672 e:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 28672 e:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 45056 e:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 45056 e:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 11264 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 10240 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 10240 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 65536 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 53248 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 53248 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 11776 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 12800 e:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 12800 e:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 53248 e:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 53248 e:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-03-24 16:15 . 2007-05-14 21:38 9216 e:\windows\system32\ReinstallBackups\0007\DriverFiles\Amfilter.sys
- 2005-12-20 17:13 . 2005-12-20 17:13 6656 e:\windows\system32\mui\0405\mscorees.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 6656 e:\windows\system32\mui\0405\mscorees.dll
+ 2005-08-08 13:44 . 2005-08-08 13:44 6640 e:\windows\system32\drivers\MouseCap.sys
+ 2005-08-06 14:13 . 2005-08-06 14:13 9661 e:\windows\system32\drivers\Moufiltr.sys
+ 2007-05-14 21:38 . 2007-05-14 21:38 9216 e:\windows\system32\drivers\Amfilter.sys
+ 2007-10-26 01:16 . 2007-10-26 01:16 9216 e:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 9216 e:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 8704 e:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 8704 e:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 6144 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.Design.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 6144 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.Design.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 7168 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\JSC.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 7168 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\JSC.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 4096 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\InstallUtil.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 4096 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\InstallUtil.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 5632 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regbrowsers.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 5632 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regbrowsers.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 8704 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_compiler.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 8704 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_compiler.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 5120 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\CvtResUI.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 5120 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\CvtResUI.dll
+ 2009-03-07 13:12 . 2010-01-11 15:48 4096 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 4096 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2010-01-03 19:41 . 2010-01-03 19:41 5120 e:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
- 2009-12-07 16:11 . 2009-12-07 16:11 5120 e:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2010-04-06 13:44 . 2010-04-06 13:44 7680 e:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Xml.Linq.Resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 6144 e:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 6144 e:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 5120 e:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 5120 e:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_cs_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 5120 e:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_cs_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 9216 e:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 9216 e:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 8704 e:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 8704 e:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
- 2008-11-21 21:04 . 2008-11-21 21:04 5120 e:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 5120 e:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
+ 2010-02-12 17:17 . 2009-09-04 16:44 515416 e:\windows\system32\XAudio2_5.dll
+ 2010-02-12 17:17 . 2009-03-16 13:18 517448 e:\windows\system32\XAudio2_4.dll
+ 2010-02-12 17:17 . 2008-10-27 09:04 514384 e:\windows\system32\XAudio2_3.dll
+ 2010-02-12 17:17 . 2008-07-31 09:40 509448 e:\windows\system32\XAudio2_2.dll
+ 2010-02-12 17:17 . 2009-09-04 16:44 238936 e:\windows\system32\xactengine3_5.dll
+ 2010-02-12 17:17 . 2009-03-16 13:18 235352 e:\windows\system32\xactengine3_4.dll
+ 2010-02-12 17:17 . 2008-10-27 09:04 235856 e:\windows\system32\xactengine3_3.dll
+ 2010-02-12 17:17 . 2008-07-31 09:41 238088 e:\windows\system32\xactengine3_2.dll
- 2002-09-23 12:00 . 2009-11-22 12:34 490872 e:\windows\system32\perfh009.dat
+ 2002-09-23 12:00 . 2010-04-06 14:12 490872 e:\windows\system32\perfh009.dat
+ 2010-01-27 01:07 . 2010-01-27 01:07 256280 e:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-03-07 14:29 . 2002-06-06 13:38 139264 e:\windows\system32\eax.dll
+ 2009-03-07 14:29 . 2002-06-06 12:38 139264 e:\windows\system32\eax.dll
+ 2010-02-12 17:17 . 2009-09-04 16:29 235344 e:\windows\system32\d3dx11_42.dll
+ 2010-02-12 17:17 . 2009-09-04 16:29 453456 e:\windows\system32\d3dx10_42.dll
+ 2010-02-12 17:17 . 2009-03-09 14:27 453456 e:\windows\system32\d3dx10_41.dll
+ 2010-02-12 17:17 . 2008-10-15 05:22 452440 e:\windows\system32\d3dx10_40.dll
+ 2010-02-12 17:17 . 2008-07-10 10:01 467984 e:\windows\system32\d3dx10_39.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 982008 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapUI.dll
+ 2008-03-22 08:06 . 2008-03-22 08:06 108536 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapRes.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 687104 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsscenario.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 411136 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsbasereqs.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 627712 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs70uimgr.dll
+ 2008-03-22 08:40 . 2008-03-22 08:40 432128 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.msi
+ 2008-03-22 08:06 . 2008-03-22 08:06 124416 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setupres.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 269304 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setup.exe
+ 2008-03-21 14:59 . 2008-03-21 14:59 183296 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\RebootStub.exe
+ 2008-03-21 13:56 . 2008-03-21 13:56 177152 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\HtmlLite.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 276472 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\dlmgr.dll
+ 2008-03-22 08:33 . 2008-03-22 08:33 151552 e:\windows\Microsoft.NET\Framework\v3.5\cs\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-03-22 08:33 . 2008-03-22 08:33 238072 e:\windows\Microsoft.NET\Framework\v3.5\1029\vbc7ui.dll
+ 2008-03-22 08:33 . 2008-03-22 08:33 174592 e:\windows\Microsoft.NET\Framework\v3.5\1029\cscompui.dll
+ 2007-10-15 12:12 . 2007-10-15 12:12 864256 e:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\infocard.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 159744 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.xml.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 159744 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.xml.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 425984 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Windows.Forms.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 425984 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Windows.Forms.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 602112 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 204800 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 204800 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 536576 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Design.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 536576 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Design.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 385024 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Deployment.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 339968 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 110592 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.OracleClient.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 110592 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.OracleClient.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 366592 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorrc.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 303104 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorlib.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 303104 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorlib.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 139264 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Tasks.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 311296 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnetmmcext.resources.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 311296 e:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnetmmcext.resources.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 214528 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\Vsavb7rtUI.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 188928 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\vbc7ui.dll
+ 2007-10-26 01:16 . 2007-10-26 01:16 141824 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\cscompui.dll
- 2005-12-20 17:13 . 2005-12-20 17:13 141824 e:\windows\Microsoft.NET\Framework\v2.0.50727\1029\cscompui.dll
+ 2009-01-26 19:33 . 1998-10-29 17:45 306688 e:\windows\IsUninst.exe
- 2009-01-26 19:33 . 1998-10-29 15:45 306688 e:\windows\IsUninst.exe
+ 2010-03-24 16:13 . 2010-03-24 16:13 466944 e:\windows\Installer\de41a.msi
+ 2010-04-06 13:44 . 2010-04-06 13:44 428032 e:\windows\Installer\96da03.msi
+ 2008-03-22 07:54 . 2008-03-22 07:54 312320 e:\windows\Installer\96d9cd.msp
+ 2008-03-22 07:45 . 2008-03-22 07:45 727040 e:\windows\Installer\96d9cc.msp
+ 2008-03-22 07:51 . 2008-03-22 07:51 124416 e:\windows\Installer\96d9c9.msp
+ 2008-03-22 07:48 . 2008-03-22 07:48 166400 e:\windows\Installer\96d9c8.msp
+ 2008-03-22 07:42 . 2008-03-22 07:42 117760 e:\windows\Installer\96d9c7.msp
+ 2008-03-22 07:32 . 2008-03-22 07:32 488960 e:\windows\Installer\96d9a6.msp
+ 2008-03-22 07:19 . 2008-03-22 07:19 251904 e:\windows\Installer\96d9a5.msp
+ 2008-03-22 07:29 . 2008-03-22 07:29 360960 e:\windows\Installer\96d9a4.msp
+ 2008-03-22 07:26 . 2008-03-22 07:26 708608 e:\windows\Installer\96d9a3.msp
+ 2008-03-22 07:22 . 2008-03-22 07:22 365568 e:\windows\Installer\96d9a2.msp
+ 2010-04-09 16:46 . 2010-04-09 16:46 836096 e:\windows\Installer\14798e1.msi
+ 2009-12-27 12:16 . 2009-12-27 12:16 216358 e:\windows\Installer\{E48469CC-635E-4FD5-A122-1497C286D217}\ARPPRODUCTICON.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 409600 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 409600 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 286720 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 286720 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 249856 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 249856 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 794624 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 794624 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 135168 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 135168 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-03-07 13:12 . 2009-11-11 21:54 593920 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-03-07 13:12 . 2010-01-11 15:48 593920 e:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-12-11 13:57 . 2009-12-11 13:57 326056 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\readerupdater.exe
+ 2009-12-21 16:35 . 2009-12-21 16:35 378264 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\pdfshell.dll
+ 2009-12-21 18:05 . 2009-12-21 18:05 116168 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\PDFPrevHndlrShim.exe
+ 2009-12-21 16:34 . 2009-12-21 16:34 103864 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\nppdf32.dll
+ 2009-11-09 17:18 . 2009-11-09 17:18 684032 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\JP2KLib.dll
+ 2009-12-21 18:02 . 2009-12-21 18:02 542168 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AdobeCollabSync.exe
+ 2009-12-11 13:57 . 2009-12-11 13:57 948672 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\adobearm.exe
+ 2009-12-21 16:43 . 2009-12-21 16:43 120240 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRdIF.dll
+ 2009-12-21 23:57 . 2009-12-21 23:57 349616 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.exe
+ 2009-12-21 16:15 . 2009-12-21 16:15 660912 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroPDF.dll
+ 2009-12-21 17:32 . 2009-12-21 17:32 280024 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobroker.exe
+ 2009-12-11 13:57 . 2009-12-11 13:57 326056 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\acrobatupdater.exe
+ 2009-12-21 17:15 . 2009-12-21 17:15 251296 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\a3dutility.exe
+ 2008-11-21 21:05 . 2008-11-21 21:05 425984 e:\windows\assembly\temp\T29GNU18FM\System.Windows.Forms.resources.dll
+ 2008-11-21 21:05 . 2008-11-21 21:05 204800 e:\windows\assembly\temp\MV29GNU18F\system.resources.dll
+ 2008-11-21 21:05 . 2008-11-21 21:05 303104 e:\windows\assembly\temp\09GNU18FMT\mscorlib.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 159744 e:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_cs_b77a5c561934e089\System.xml.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 159744 e:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_cs_b77a5c561934e089\System.xml.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 111672 e:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_cs_31bf3856ad364e35\System.WorkflowServices.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 425984 e:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 425984 e:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 602112 e:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 647168 e:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 454656 e:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 204800 e:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\system.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 204800 e:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\system.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 536576 e:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Design.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 536576 e:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Design.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 385024 e:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 339968 e:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 110592 e:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 110592 e:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.OracleClient.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 303104 e:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 303104 e:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
+ 2010-04-06 13:44 . 2010-04-06 13:44 151552 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2010-04-06 13:43 . 2010-04-06 13:43 139264 e:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
- 2008-11-21 21:05 . 2008-11-21 21:05 311296 e:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_cs_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
+ 2010-04-06 13:42 . 2010-04-06 13:42 311296 e:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_cs_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 223232 e:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 223232 e:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 178176 e:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 178176 e:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 364544 e:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 364544 e:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 159232 e:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 159232 e:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 145920 e:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 145920 e:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 578560 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 578560 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 578560 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 578560 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 577536 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 577536 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 577536 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 577536 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 577024 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 577024 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 576000 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 576000 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 567296 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 567296 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 563712 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 563712 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 473600 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 473600 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-01-27 01:07 . 2010-01-27 01:07 3884312 e:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-11-19 16:27 . 2010-01-12 05:40 1553384 e:\windows\system32\FNTCACHE.DAT
+ 2010-02-12 17:17 . 2009-09-04 16:29 1892184 e:\windows\system32\D3DX9_42.dll
+ 2010-02-12 17:17 . 2009-03-09 14:27 4178264 e:\windows\system32\D3DX9_41.dll
+ 2010-02-12 17:17 . 2008-10-15 05:22 4379984 e:\windows\system32\D3DX9_40.dll
+ 2010-02-12 17:17 . 2008-07-10 10:00 3851784 e:\windows\system32\D3DX9_39.dll
+ 2010-02-12 17:17 . 2009-09-04 16:29 5501792 e:\windows\system32\d3dcsx_42.dll
+ 2010-02-12 17:17 . 2009-09-04 16:29 1974616 e:\windows\system32\D3DCompiler_42.dll
+ 2010-02-12 17:17 . 2009-03-09 14:27 1846632 e:\windows\system32\D3DCompiler_41.dll
+ 2010-02-12 17:17 . 2008-10-15 05:22 2036576 e:\windows\system32\D3DCompiler_40.dll
+ 2010-02-12 17:17 . 2008-07-10 10:00 1493528 e:\windows\system32\D3DCompiler_39.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1045504 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1361920 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\SITSetup.dll
+ 2008-03-21 13:56 . 2008-03-21 13:56 1059328 e:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\gencomp.dll
+ 2010-01-11 15:48 . 2010-01-11 15:48 5788160 e:\windows\Installer\d80fb.msi

Dymon · Příspěvekod **Dymon** » 19 dub 2010 22:21

+ 2009-12-27 12:16 . 2009-12-27 12:16 8739840 e:\windows\Installer\a88241.msi
+ 2010-03-20 09:46 . 2010-03-20 09:46 1154048 e:\windows\Installer\99b79c.msi
+ 2010-04-06 13:43 . 2010-04-06 13:43 1048064 e:\windows\Installer\96d9c6.msi
+ 2010-03-23 12:14 . 2010-03-23 12:14 2233344 e:\windows\Installer\4a664.msi
+ 2010-04-16 12:08 . 2010-04-16 12:08 3940352 e:\windows\Installer\3cba32.msi
+ 2009-12-21 16:29 . 2009-12-21 16:29 2409880 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\rt3d.dll
+ 2009-10-27 18:34 . 2009-10-27 18:34 5009408 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\authplay.dll
+ 2009-12-21 21:31 . 2009-12-21 21:31 5713920 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AGM.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 2846720 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 2846720 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-12 09:06 . 2009-12-12 09:06 2676224 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-02-12 17:16 . 2010-02-12 17:16 2676224 e:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-12-13 10:27 . 2009-12-23 09:26 12786376 e:\windows\system32\Restore\rstrlog.dat
+ 2010-04-04 06:54 . 2010-04-04 06:54 11850240 e:\windows\Installer\3cbadb.msp
+ 2009-12-21 21:21 . 2009-12-21 21:21 20436408 e:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0300000010\9.3.0\AcroRd32.dll
+ 2010-03-20 09:40 . 2010-03-20 09:40 241051648 e:\windows\Installer\99b795.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AFProg"="e:\program files\Hotspot Shield\AnchorFree\ctrl\AFController.exe" [2006-06-05 118784]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="e:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="e:\program files\winamp\winampa.exe" [2008-08-03 36352]
"SMail"="e:\program files\Pošťák\Postak\Postak.exe" [2008-02-21 453936]
"HP Component Manager"="e:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"egui"="e:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"WheelMouse"="e:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

e:\documents and settings\Petr\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CurseClientStartup.ccip [2010-1-18 0]

e:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - e:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-3-15 241664]
Rychl‚ spuçtŘnˇ aplikace HP Image Zone.lnk - e:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-3-15 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 ----a-w- e:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=e:\windows\system32\wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"e:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\ICQ6.5\\ICQ.exe"=
"e:\program files\Microsoft ActiveSync\rapimgr.exe"= e:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"e:\program files\Microsoft ActiveSync\wcescomm.exe"= e:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"e:\program files\Microsoft ActiveSync\WCESMgr.exe"= e:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\Hamachi\\hamachi.exe"=
"e:\\Program Files\\Garena\\Garena.exe"=
"e:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"e:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"e:\\Program Files\\ICQ7.0\\ICQ.exe"=
"e:\\Program Files\\ICQ7.0\\aolload.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft 3.3.2\\Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 ehdrv;ehdrv;e:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R1 epfwtdir;epfwtdir;e:\windows\system32\drivers\epfwtdir.sys [6.2.2009 15:24 93336]
R2 ekrn;ESET Service;e:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 15:23 727720]
R2 ICQ Service;ICQ Service;e:\program files\ICQ6Toolbar\ICQ Service.exe [27.2.2010 22:33 246520]
R3 MouseCap;MouseCapture Driver;e:\windows\system32\drivers\MouseCap.sys [8.8.2005 15:44 6640]
S0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [19.11.2008 19:55 691696]
S3 GarenaPEngine;GarenaPEngine;\??\e:\docume~1\Petr\LOCALS~1\Temp\UHW137E.tmp --> e:\docume~1\Petr\LOCALS~1\Temp\UHW137E.tmp [?]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);e:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27.5.2009 3:27 29262680]
S3 TVICHW32;TVICHW32;e:\windows\system32\drivers\TVICHW32.SYS [10.10.2009 21:37 23600]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
IE: Download Using &BitSpirit - e:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - e:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B)
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - e:\program files\ICQ7.0\ICQ.exe
TCP: {CCFE3FAC-4BE7-41F6-B87B-87F2A7DA2B30} = 62.129.50.20,85.135.32.100
FF - ProfilePath - e:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.cinema-world.biz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.1&q=
FF - plugin: e:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: e:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: e:\program files\sdasdas\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-19 22:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\e:\docume~1\Petr\LOCALS~1\Temp\UHW137E.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(932)
e:\windows\system32\Ati2evxx.dll
e:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
.
Celkový čas: 2010-04-19 22:14:08
ComboFix-quarantined-files.txt 2010-04-19 20:13
ComboFix2.txt 2010-01-03 18:58
ComboFix3.txt 2009-12-21 19:01

Před spuštěním: Volných bajtů: 20 673 671 168
Po spuštění: Volných bajtů: 21 227 864 064

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - B1F9198A9063F8487ACE394E58FCF49B

Patří k tomu i to nad tím

Příspěvekod **jaro3** » 20 dub 2010 11:41

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
e:\docume~1\Petr\LOCALS~1\Temp\UHW137E.tmp

Folder::
e:\program files\ICQ6Toolbar
e:\\Program Files\\Garena

Driver::
GarenaPEngine

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Program Files\\Garena\\Garena.exe"=-
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]

DDS::
IE: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B)

Firefox::
FF - ProfilePath - e:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.cinema-world.biz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.1&q=

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
e:\windows\UniFISH.exe
Pokud už byl soubor testován-klikni na otestovat znovu.

Až skončí test všech antivirů, vlož sem pak odkaz na stránku s výsledky.

Dymon · Příspěvekod **Dymon** » 20 dub 2010 14:43

ComboFix 10-04-18.04 - Petr 20.04.2010 14:24:59.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2628 [GMT 2:00]
Spuštěný z: e:\documents and settings\Petr\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Petr\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ActiveArmor Firewall *disabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
* Rezidentní štít AV je zapnutý

FILE ::
"e:\docume~1\Petr\LOCALS~1\Temp\UHW137E.tmp"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\\Program Files\\Garena
e:\\Program Files\\Garena\AESocket.dll
e:\\Program Files\\Garena\atl71.dll
e:\\Program Files\\Garena\Avatar\boy.swf
e:\\Program Files\\Garena\Avatar\boy_s.swf
e:\\Program Files\\Garena\Avatar\girl.swf
e:\\Program Files\\Garena\Avatar\girl_s.swf
e:\\Program Files\\Garena\Avatar\unknown.swf
e:\\Program Files\\Garena\Avatar\unknown_s.swf
e:\\Program Files\\Garena\Cache\4650151_s.swf
e:\\Program Files\\Garena\Cache\8726330_s.swf
e:\\Program Files\\Garena\clients.dat
e:\\Program Files\\Garena\clients2.dat
e:\\Program Files\\Garena\CommonLib.dll
e:\\Program Files\\Garena\config\bs.br.xml
e:\\Program Files\\Garena\config\bs.cn.xml
e:\\Program Files\\Garena\config\bs.en.xml
e:\\Program Files\\Garena\config\bs.id.xml
e:\\Program Files\\Garena\config\bs.pp.xml
e:\\Program Files\\Garena\config\bs.ru.xml
e:\\Program Files\\Garena\config\bs.sd.xml
e:\\Program Files\\Garena\config\bs.sp.xml
e:\\Program Files\\Garena\config\bs.th.xml
e:\\Program Files\\Garena\config\bs.tw.xml
e:\\Program Files\\Garena\config\bs.vn.xml
e:\\Program Files\\Garena\config\loccn.xml
e:\\Program Files\\Garena\config\locen.xml
e:\\Program Files\\Garena\config\lockr.xml
e:\\Program Files\\Garena\config\loctw.xml
e:\\Program Files\\Garena\config\locvn.xml
e:\\Program Files\\Garena\CS15Hook.dll
e:\\Program Files\\Garena\deps\olgame.gga
e:\\Program Files\\Garena\deps\vww.gzp
e:\\Program Files\\Garena\deps\webgame.gga
e:\\Program Files\\Garena\dlls\CTSys.dll
e:\\Program Files\\Garena\dlls\flags.dll
e:\\Program Files\\Garena\dlls\FPSHelper.dll
e:\\Program Files\\Garena\dlls\GFireMan.dll
e:\\Program Files\\Garena\dlls\IPvR.dll
e:\\Program Files\\Garena\dlls\PEngine.dll
e:\\Program Files\\Garena\dlls\PluginLanguage.dll
e:\\Program Files\\Garena\dlls\Sca.dll
e:\\Program Files\\Garena\dlls\WC3J.dll
e:\\Program Files\\Garena\files\files.ggz
e:\\Program Files\\Garena\FPSHook.dll
e:\\Program Files\\Garena\Gamecn.dat
e:\\Program Files\\Garena\GameConfig.xml
e:\\Program Files\\Garena\Gameen.dat
e:\\Program Files\\Garena\Gametw.dat
e:\\Program Files\\Garena\Gamevn.dat
e:\\Program Files\\Garena\Garena.exe
e:\\Program Files\\Garena\GarenaSkin.dll
e:\\Program Files\\Garena\GarenaSkin1.dll
e:\\Program Files\\Garena\GarenaTV.xml
e:\\Program Files\\Garena\GarenaTV\0.bmp
e:\\Program Files\\Garena\GarenaTV\1.bmp
e:\\Program Files\\Garena\GarenaTV\2.bmp
e:\\Program Files\\Garena\GarenaTV\3.bmp
e:\\Program Files\\Garena\GarenaTV\4.bmp
e:\\Program Files\\Garena\GarenaTV\5.bmp
e:\\Program Files\\Garena\GarenaTV\6.bmp
e:\\Program Files\\Garena\GarenaTV\cn.ggz
e:\\Program Files\\Garena\GarenaTV\cn_s.ggz
e:\\Program Files\\Garena\GarenaTV\en.ggz
e:\\Program Files\\Garena\GarenaTV\en_s.ggz
e:\\Program Files\\Garena\GarenaTV\id_s.ggz
e:\\Program Files\\Garena\GarenaTV\Thumbs.db
e:\\Program Files\\Garena\GarenaTV\tw.ggz
e:\\Program Files\\Garena\GarenaTV\tw_s.ggz
e:\\Program Files\\Garena\GarenaTV_UI.dll
e:\\Program Files\\Garena\GarenaTVHook.dll
e:\\Program Files\\Garena\GGICON.ico
e:\\Program Files\\Garena\Gn.ggz
e:\\Program Files\\Garena\gs.dat
e:\\Program Files\\Garena\hc.xml
e:\\Program Files\\Garena\Inject.dll
e:\\Program Files\\Garena\L4DSocket.dll
e:\\Program Files\\Garena\langs.xml
e:\\Program Files\\Garena\Languages\FPSGame.dll.cn
e:\\Program Files\\Garena\Languages\FPSGame.dll.en
e:\\Program Files\\Garena\Languages\FPSGame.dll.tw
e:\\Program Files\\Garena\Languages\Garena.exe.br
e:\\Program Files\\Garena\Languages\Garena.exe.cn
e:\\Program Files\\Garena\Languages\Garena.exe.en
e:\\Program Files\\Garena\Languages\Garena.exe.id
e:\\Program Files\\Garena\Languages\Garena.exe.ru
e:\\Program Files\\Garena\Languages\Garena.exe.sp
e:\\Program Files\\Garena\Languages\Garena.exe.th
e:\\Program Files\\Garena\Languages\Garena.exe.tw
e:\\Program Files\\Garena\Languages\Garena.exe.vn
e:\\Program Files\\Garena\Languages\GarenaTV_UI.dll.cn
e:\\Program Files\\Garena\Languages\GarenaTV_UI.dll.en
e:\\Program Files\\Garena\Languages\GarenaTV_UI.dll.id
e:\\Program Files\\Garena\Languages\GarenaTV_UI.dll.tw
e:\\Program Files\\Garena\Languages\languages.glf
e:\\Program Files\\Garena\Languages\OLGame.dll.en
e:\\Program Files\\Garena\Languages\OLGame.dll.vn
e:\\Program Files\\Garena\Languages\update.exe.cn
e:\\Program Files\\Garena\Languages\update.exe.tw
e:\\Program Files\\Garena\Languages\update2.exe.cn
e:\\Program Files\\Garena\Languages\update2.exe.tw
e:\\Program Files\\Garena\Languages\WC3Ass.dll.cn
e:\\Program Files\\Garena\Languages\WC3Ass.dll.en
e:\\Program Files\\Garena\Languages\WC3Ass.dll.tw
e:\\Program Files\\Garena\Languages\WC3Ass.dll.vn
e:\\Program Files\\Garena\Languages\WC3Ladder.dll.cn
e:\\Program Files\\Garena\Languages\WC3Ladder.dll.en
e:\\Program Files\\Garena\Languages\WC3Ladder.dll.tw
e:\\Program Files\\Garena\layout\BlackShotView.layout
e:\\Program Files\\Garena\layout\layout.ggz
e:\\Program Files\\Garena\lib\BlackShot.dll
e:\\Program Files\\Garena\lib\common\Language.dll
e:\\Program Files\\Garena\lib\GarenaRoomSystem.dll
e:\\Program Files\\Garena\lib\GarenaWebService.dll
e:\\Program Files\\Garena\lib\HttpLayer.dll
e:\\Program Files\\Garena\lib\Layout.dll
e:\\Program Files\\Garena\lib\LibPlugin.ggz
e:\\Program Files\\Garena\lib\LoadSwf.dll
e:\\Program Files\\Garena\lib\MessagePumpLib.dll
e:\\Program Files\\Garena\lib\NetworkLayer.dll
e:\\Program Files\\Garena\lib\PKCS.dll
e:\\Program Files\\Garena\lib\RSA.dll
e:\\Program Files\\Garena\lib\WebCache.dll
e:\\Program Files\\Garena\mdata.ggz
e:\\Program Files\\Garena\PluginKernel.dll
e:\\Program Files\\Garena\plugins\Game\GarenaTVRecorder.dll
e:\\Program Files\\Garena\plugins\Game\WC3Ass.dll
e:\\Program Files\\Garena\plugins\Game\WC3Ladder.dll
e:\\Program Files\\Garena\plugins\Game\WC3VC.dll
e:\\Program Files\\Garena\plugins\Plugins.ggz
e:\\Program Files\\Garena\plugins\UI\AdPlugin.dll
e:\\Program Files\\Garena\plugins\UI\AdPlugin\close_rollout.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\close_rollover.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\down_rollout.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\down_rollover.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\skinmsn.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\up_rollout.bmp
e:\\Program Files\\Garena\plugins\UI\AdPlugin\up_rollover.bmp
e:\\Program Files\\Garena\plugins\UI\AvoidCrackPlugin.dll
e:\\Program Files\\Garena\plugins\UI\BlackShotPlugin.dll
e:\\Program Files\\Garena\plugins\UI\CafeLogin.dll
e:\\Program Files\\Garena\plugins\UI\FavListUIPlugin.dll
e:\\Program Files\\Garena\plugins\UI\FPSGame.dll
e:\\Program Files\\Garena\plugins\UI\GarenaTV.dll
e:\\Program Files\\Garena\plugins\UI\GarenaTVRecUI.dll
e:\\Program Files\\Garena\plugins\UI\GEngine.dll
e:\\Program Files\\Garena\plugins\UI\Chenyx.dll
e:\\Program Files\\Garena\plugins\UI\ManagePlugin.dll
e:\\Program Files\\Garena\plugins\UI\OLGame.dll
e:\\Program Files\\Garena\plugins\UI\StatPlugin.dll
e:\\Program Files\\Garena\plugins\UI\ViwawaPlugin.dll
e:\\Program Files\\Garena\plugins\UI\WebGameUI.dll
e:\\Program Files\\Garena\plugins\UI\zDep.dll
e:\\Program Files\\Garena\plugins\UI\zzzPlugin.dll
e:\\Program Files\\Garena\RecConfig.xml
e:\\Program Files\\Garena\roomCN.dat
e:\\Program Files\\Garena\roomEN.dat
e:\\Program Files\\Garena\roomTW.dat
e:\\Program Files\\Garena\server.xml
e:\\Program Files\\Garena\shop\items\1.gif
e:\\Program Files\\Garena\shop\items\100.gif
e:\\Program Files\\Garena\shop\items\105.gif
e:\\Program Files\\Garena\shop\items\150.gif
e:\\Program Files\\Garena\shop\items\151.gif
e:\\Program Files\\Garena\shop\items\2.gif
e:\\Program Files\\Garena\shop\items\200.gif
e:\\Program Files\\Garena\shop\items\201.gif
e:\\Program Files\\Garena\shop\items\202.gif
e:\\Program Files\\Garena\shop\items\203.gif
e:\\Program Files\\Garena\shop\items\204.gif
e:\\Program Files\\Garena\shop\items\205.gif
e:\\Program Files\\Garena\shop\items\206.gif
e:\\Program Files\\Garena\shop\items\21.gif
e:\\Program Files\\Garena\shop\items\22.gif
e:\\Program Files\\Garena\shop\items\23.gif
e:\\Program Files\\Garena\shop\items\24.gif
e:\\Program Files\\Garena\shop\items\3.gif
e:\\Program Files\\Garena\shop\items\300.gif
e:\\Program Files\\Garena\shop\items\301.gif
e:\\Program Files\\Garena\shop\items\302.gif
e:\\Program Files\\Garena\shop\items\303.gif
e:\\Program Files\\Garena\shop\items\304.gif
e:\\Program Files\\Garena\shop\items\305.gif
e:\\Program Files\\Garena\shop\items\306.gif
e:\\Program Files\\Garena\shop\items\307.gif
e:\\Program Files\\Garena\shop\items\308.gif
e:\\Program Files\\Garena\shop\items\309.gif
e:\\Program Files\\Garena\shop\items\310.gif
e:\\Program Files\\Garena\shop\items\311.gif
e:\\Program Files\\Garena\shop\items\312.gif
e:\\Program Files\\Garena\shop\items\313.gif
e:\\Program Files\\Garena\shop\items\4.gif
e:\\Program Files\\Garena\shop\items\40.gif
e:\\Program Files\\Garena\shop\items\60.gif
e:\\Program Files\\Garena\shop\items\61.gif
e:\\Program Files\\Garena\shop\items\62.gif
e:\\Program Files\\Garena\shop\items\63.gif
e:\\Program Files\\Garena\shop\items\64.gif
e:\\Program Files\\Garena\shop\items\65.gif
e:\\Program Files\\Garena\shop\items\66.gif
e:\\Program Files\\Garena\shop\items\67.gif
e:\\Program Files\\Garena\shop\items\68.gif
e:\\Program Files\\Garena\shop\items\69.gif
e:\\Program Files\\Garena\shop\items\70.gif
e:\\Program Files\\Garena\shop\items\8.gif
e:\\Program Files\\Garena\shop\items\Thumbs.db
e:\\Program Files\\Garena\Skin\Flags\-.gif
e:\\Program Files\\Garena\Skin\Flags\ad.gif
e:\\Program Files\\Garena\Skin\Flags\ae.gif
e:\\Program Files\\Garena\Skin\Flags\af.gif
e:\\Program Files\\Garena\Skin\Flags\ag.gif
e:\\Program Files\\Garena\Skin\Flags\ai.gif
e:\\Program Files\\Garena\Skin\Flags\al.gif
e:\\Program Files\\Garena\Skin\Flags\am.gif
e:\\Program Files\\Garena\Skin\Flags\an.gif
e:\\Program Files\\Garena\Skin\Flags\ao.gif
e:\\Program Files\\Garena\Skin\Flags\aq.gif
e:\\Program Files\\Garena\Skin\Flags\ar.gif
e:\\Program Files\\Garena\Skin\Flags\as.gif
e:\\Program Files\\Garena\Skin\Flags\at.gif
e:\\Program Files\\Garena\Skin\Flags\au.gif
e:\\Program Files\\Garena\Skin\Flags\aw.gif
e:\\Program Files\\Garena\Skin\Flags\az.gif
e:\\Program Files\\Garena\Skin\Flags\ba.gif
e:\\Program Files\\Garena\Skin\Flags\bb.gif
e:\\Program Files\\Garena\Skin\Flags\bd.gif
e:\\Program Files\\Garena\Skin\Flags\be.gif
e:\\Program Files\\Garena\Skin\Flags\bf.gif
e:\\Program Files\\Garena\Skin\Flags\bg.gif
e:\\Program Files\\Garena\Skin\Flags\bh.gif
e:\\Program Files\\Garena\Skin\Flags\bi.gif
e:\\Program Files\\Garena\Skin\Flags\bj.gif
e:\\Program Files\\Garena\Skin\Flags\bm.gif
e:\\Program Files\\Garena\Skin\Flags\bn.gif
e:\\Program Files\\Garena\Skin\Flags\bo.gif
e:\\Program Files\\Garena\Skin\Flags\br.gif
e:\\Program Files\\Garena\Skin\Flags\bs.gif
e:\\Program Files\\Garena\Skin\Flags\bt.gif
e:\\Program Files\\Garena\Skin\Flags\bv.gif
e:\\Program Files\\Garena\Skin\Flags\bw.gif
e:\\Program Files\\Garena\Skin\Flags\by.gif
e:\\Program Files\\Garena\Skin\Flags\bz.gif
e:\\Program Files\\Garena\Skin\Flags\ca.gif
e:\\Program Files\\Garena\Skin\Flags\cd.gif
e:\\Program Files\\Garena\Skin\Flags\cf.gif
e:\\Program Files\\Garena\Skin\Flags\cg.gif
e:\\Program Files\\Garena\Skin\Flags\ci.gif
e:\\Program Files\\Garena\Skin\Flags\ck.gif
e:\\Program Files\\Garena\Skin\Flags\cl.gif
e:\\Program Files\\Garena\Skin\Flags\cm.gif
e:\\Program Files\\Garena\Skin\Flags\cn.gif
e:\\Program Files\\Garena\Skin\Flags\co.gif
e:\\Program Files\\Garena\Skin\Flags\cr.gif
e:\\Program Files\\Garena\Skin\Flags\cu.gif
e:\\Program Files\\Garena\Skin\Flags\cv.gif
e:\\Program Files\\Garena\Skin\Flags\cy.gif
e:\\Program Files\\Garena\Skin\Flags\cz.gif
e:\\Program Files\\Garena\Skin\Flags\de.gif
e:\\Program Files\\Garena\Skin\Flags\dj.gif
e:\\Program Files\\Garena\Skin\Flags\dk.gif
e:\\Program Files\\Garena\Skin\Flags\dm.gif
e:\\Program Files\\Garena\Skin\Flags\do.gif
e:\\Program Files\\Garena\Skin\Flags\dz.gif
e:\\Program Files\\Garena\Skin\Flags\ec.gif
e:\\Program Files\\Garena\Skin\Flags\ee.gif
e:\\Program Files\\Garena\Skin\Flags\eg.gif
e:\\Program Files\\Garena\Skin\Flags\er.gif
e:\\Program Files\\Garena\Skin\Flags\es.gif
e:\\Program Files\\Garena\Skin\Flags\et.gif
e:\\Program Files\\Garena\Skin\Flags\eu.gif
e:\\Program Files\\Garena\Skin\Flags\fi.gif
e:\\Program Files\\Garena\Skin\Flags\fj.gif
e:\\Program Files\\Garena\Skin\Flags\fk.gif
e:\\Program Files\\Garena\Skin\Flags\fm.gif
e:\\Program Files\\Garena\Skin\Flags\fo.gif
e:\\Program Files\\Garena\Skin\Flags\fr.gif
e:\\Program Files\\Garena\Skin\Flags\fx.gif
e:\\Program Files\\Garena\Skin\Flags\ga.gif
e:\\Program Files\\Garena\Skin\Flags\gb.gif
e:\\Program Files\\Garena\Skin\Flags\gd.gif
e:\\Program Files\\Garena\Skin\Flags\ge.gif
e:\\Program Files\\Garena\Skin\Flags\gh.gif
e:\\Program Files\\Garena\Skin\Flags\gi.gif
e:\\Program Files\\Garena\Skin\Flags\gl.gif
e:\\Program Files\\Garena\Skin\Flags\gm.gif
e:\\Program Files\\Garena\Skin\Flags\gn.gif
e:\\Program Files\\Garena\Skin\Flags\gp.gif
e:\\Program Files\\Garena\Skin\Flags\gq.gif
e:\\Program Files\\Garena\Skin\Flags\gr.gif
e:\\Program Files\\Garena\Skin\Flags\gt.gif
e:\\Program Files\\Garena\Skin\Flags\gu.gif
e:\\Program Files\\Garena\Skin\Flags\gw.gif
e:\\Program Files\\Garena\Skin\Flags\gy.gif
e:\\Program Files\\Garena\Skin\Flags\hk.gif
e:\\Program Files\\Garena\Skin\Flags\hm.gif
e:\\Program Files\\Garena\Skin\Flags\hn.gif
e:\\Program Files\\Garena\Skin\Flags\hr.gif
e:\\Program Files\\Garena\Skin\Flags\ht.gif
e:\\Program Files\\Garena\Skin\Flags\hu.gif
e:\\Program Files\\Garena\Skin\Flags\ch.gif
e:\\Program Files\\Garena\Skin\Flags\id.gif
e:\\Program Files\\Garena\Skin\Flags\ie.gif
e:\\Program Files\\Garena\Skin\Flags\il.gif
e:\\Program Files\\Garena\Skin\Flags\im.gif
e:\\Program Files\\Garena\Skin\Flags\in.gif
e:\\Program Files\\Garena\Skin\Flags\io.gif
e:\\Program Files\\Garena\Skin\Flags\iq.gif
e:\\Program Files\\Garena\Skin\Flags\ir.gif
e:\\Program Files\\Garena\Skin\Flags\is.gif
e:\\Program Files\\Garena\Skin\Flags\it.gif
e:\\Program Files\\Garena\Skin\Flags\je.gif
e:\\Program Files\\Garena\Skin\Flags\jm.gif
e:\\Program Files\\Garena\Skin\Flags\jo.gif
e:\\Program Files\\Garena\Skin\Flags\jp.gif
e:\\Program Files\\Garena\Skin\Flags\ke.gif
e:\\Program Files\\Garena\Skin\Flags\kg.gif
e:\\Program Files\\Garena\Skin\Flags\kh.gif
e:\\Program Files\\Garena\Skin\Flags\ki.gif
e:\\Program Files\\Garena\Skin\Flags\km.gif
e:\\Program Files\\Garena\Skin\Flags\kn.gif
e:\\Program Files\\Garena\Skin\Flags\kp.gif
e:\\Program Files\\Garena\Skin\Flags\kr.gif
e:\\Program Files\\Garena\Skin\Flags\kw.gif
e:\\Program Files\\Garena\Skin\Flags\ky.gif
e:\\Program Files\\Garena\Skin\Flags\kz.gif
e:\\Program Files\\Garena\Skin\Flags\la.gif
e:\\Program Files\\Garena\Skin\Flags\lb.gif
e:\\Program Files\\Garena\Skin\Flags\lc.gif
e:\\Program Files\\Garena\Skin\Flags\li.gif
e:\\Program Files\\Garena\Skin\Flags\lk.gif
e:\\Program Files\\Garena\Skin\Flags\lr.gif
e:\\Program Files\\Garena\Skin\Flags\ls.gif
e:\\Program Files\\Garena\Skin\Flags\lt.gif
e:\\Program Files\\Garena\Skin\Flags\lu.gif
e:\\Program Files\\Garena\Skin\Flags\lv.gif
e:\\Program Files\\Garena\Skin\Flags\ly.gif
e:\\Program Files\\Garena\Skin\Flags\ma.gif
e:\\Program Files\\Garena\Skin\Flags\mc.gif
e:\\Program Files\\Garena\Skin\Flags\md.gif
e:\\Program Files\\Garena\Skin\Flags\me.gif
e:\\Program Files\\Garena\Skin\Flags\mg.gif
e:\\Program Files\\Garena\Skin\Flags\mh.gif
e:\\Program Files\\Garena\Skin\Flags\mk.gif
e:\\Program Files\\Garena\Skin\Flags\ml.gif
e:\\Program Files\\Garena\Skin\Flags\mm.gif
e:\\Program Files\\Garena\Skin\Flags\mn.gif
e:\\Program Files\\Garena\Skin\Flags\mo.gif
e:\\Program Files\\Garena\Skin\Flags\mp.gif
e:\\Program Files\\Garena\Skin\Flags\mq.gif
e:\\Program Files\\Garena\Skin\Flags\mr.gif
e:\\Program Files\\Garena\Skin\Flags\ms.gif
e:\\Program Files\\Garena\Skin\Flags\mt.gif
e:\\Program Files\\Garena\Skin\Flags\mu.gif
e:\\Program Files\\Garena\Skin\Flags\mv.gif
e:\\Program Files\\Garena\Skin\Flags\mw.gif
e:\\Program Files\\Garena\Skin\Flags\mx.gif
e:\\Program Files\\Garena\Skin\Flags\my.gif
e:\\Program Files\\Garena\Skin\Flags\mz.gif
e:\\Program Files\\Garena\Skin\Flags\na.gif
e:\\Program Files\\Garena\Skin\Flags\nc.gif
e:\\Program Files\\Garena\Skin\Flags\ne.gif
e:\\Program Files\\Garena\Skin\Flags\nf.gif
e:\\Program Files\\Garena\Skin\Flags\ng.gif
e:\\Program Files\\Garena\Skin\Flags\ni.gif
e:\\Program Files\\Garena\Skin\Flags\nl.gif
e:\\Program Files\\Garena\Skin\Flags\no.gif
e:\\Program Files\\Garena\Skin\Flags\np.gif
e:\\Program Files\\Garena\Skin\Flags\nr.gif
e:\\Program Files\\Garena\Skin\Flags\nz.gif
e:\\Program Files\\Garena\Skin\Flags\om.gif
e:\\Program Files\\Garena\Skin\Flags\pa.gif
e:\\Program Files\\Garena\Skin\Flags\pe.gif
e:\\Program Files\\Garena\Skin\Flags\pf.gif
e:\\Program Files\\Garena\Skin\Flags\pg.gif
e:\\Program Files\\Garena\Skin\Flags\ph.gif
e:\\Program Files\\Garena\Skin\Flags\pk.gif
e:\\Program Files\\Garena\Skin\Flags\pl.gif
e:\\Program Files\\Garena\Skin\Flags\pm.gif
e:\\Program Files\\Garena\Skin\Flags\pr.gif
e:\\Program Files\\Garena\Skin\Flags\ps.gif
e:\\Program Files\\Garena\Skin\Flags\pt.gif
e:\\Program Files\\Garena\Skin\Flags\pw.gif
e:\\Program Files\\Garena\Skin\Flags\py.gif
e:\\Program Files\\Garena\Skin\Flags\qa.gif
e:\\Program Files\\Garena\Skin\Flags\re.gif
e:\\Program Files\\Garena\Skin\Flags\ro.gif
e:\\Program Files\\Garena\Skin\Flags\rs.gif
e:\\Program Files\\Garena\Skin\Flags\ru.gif
e:\\Program Files\\Garena\Skin\Flags\rw.gif
e:\\Program Files\\Garena\Skin\Flags\sa.gif
e:\\Program Files\\Garena\Skin\Flags\sb.gif
e:\\Program Files\\Garena\Skin\Flags\sc.gif
e:\\Program Files\\Garena\Skin\Flags\sd.gif
e:\\Program Files\\Garena\Skin\Flags\se.gif
e:\\Program Files\\Garena\Skin\Flags\sg.gif
e:\\Program Files\\Garena\Skin\Flags\si.gif
e:\\Program Files\\Garena\Skin\Flags\sk.gif
e:\\Program Files\\Garena\Skin\Flags\sl.gif
e:\\Program Files\\Garena\Skin\Flags\sm.gif
e:\\Program Files\\Garena\Skin\Flags\sn.gif
e:\\Program Files\\Garena\Skin\Flags\so.gif
e:\\Program Files\\Garena\Skin\Flags\sr.gif
e:\\Program Files\\Garena\Skin\Flags\st.gif
e:\\Program Files\\Garena\Skin\Flags\sv.gif
e:\\Program Files\\Garena\Skin\Flags\sy.gif
e:\\Program Files\\Garena\Skin\Flags\sz.gif
e:\\Program Files\\Garena\Skin\Flags\tc.gif
e:\\Program Files\\Garena\Skin\Flags\td.gif
e:\\Program Files\\Garena\Skin\Flags\tf.gif
e:\\Program Files\\Garena\Skin\Flags\tg.gif
e:\\Program Files\\Garena\Skin\Flags\th.gif
e:\\Program Files\\Garena\Skin\Flags\Thumbs.db
e:\\Program Files\\Garena\Skin\Flags\tj.gif
e:\\Program Files\\Garena\Skin\Flags\tm.gif
e:\\Program Files\\Garena\Skin\Flags\tn.gif
e:\\Program Files\\Garena\Skin\Flags\to.gif
e:\\Program Files\\Garena\Skin\Flags\tp.gif
e:\\Program Files\\Garena\Skin\Flags\tr.gif
e:\\Program Files\\Garena\Skin\Flags\tt.gif
e:\\Program Files\\Garena\Skin\Flags\tv.gif
e:\\Program Files\\Garena\Skin\Flags\tw.gif
e:\\Program Files\\Garena\Skin\Flags\tz.gif
e:\\Program Files\\Garena\Skin\Flags\ua.gif
e:\\Program Files\\Garena\Skin\Flags\ug.gif
e:\\Program Files\\Garena\Skin\Flags\uk.gif
e:\\Program Files\\Garena\Skin\Flags\um.gif
e:\\Program Files\\Garena\Skin\Flags\us.gif
e:\\Program Files\\Garena\Skin\Flags\uy.gif
e:\\Program Files\\Garena\Skin\Flags\uz.gif
e:\\Program Files\\Garena\Skin\Flags\va.gif
e:\\Program Files\\Garena\Skin\Flags\vc.gif
e:\\Program Files\\Garena\Skin\Flags\ve.gif
e:\\Program Files\\Garena\Skin\Flags\vg.gif
e:\\Program Files\\Garena\Skin\Flags\vi.gif
e:\\Program Files\\Garena\Skin\Flags\vn.gif
e:\\Program Files\\Garena\Skin\Flags\vu.gif
e:\\Program Files\\Garena\Skin\Flags\ws.gif
e:\\Program Files\\Garena\Skin\Flags\ye.gif
e:\\Program Files\\Garena\Skin\Flags\yu.gif
e:\\Program Files\\Garena\Skin\Flags\za.gif
e:\\Program Files\\Garena\Skin\Flags\zm.gif
e:\\Program Files\\Garena\Skin\Flags\zr.gif
e:\\Program Files\\Garena\Skin\Flags\zw.gif
e:\\Program Files\\Garena\Skin\garenatv.ggz
e:\\Program Files\\Garena\Skin\Skin.ggz
e:\\Program Files\\Garena\skin_bs\garenatv.ggz
e:\\Program Files\\Garena\skin_bs\Skin.ggz
e:\\Program Files\\Garena\Skins.xml
e:\\Program Files\\Garena\SocketHook.dll
e:\\Program Files\\Garena\sound\folder.wav
e:\\Program Files\\Garena\sound\game.wav
e:\\Program Files\\Garena\sound\msg.wav
e:\\Program Files\\Garena\sound\nudge.wav
e:\\Program Files\\Garena\sound\quit.wav
e:\\Program Files\\Garena\sound\ring.wav
e:\\Program Files\\Garena\sound\sysmsg.wav
e:\\Program Files\\Garena\source.xml
e:\\Program Files\\Garena\sqlite3.dll
e:\\Program Files\\Garena\uninst.exe
e:\\Program Files\\Garena\update.dat
e:\\Program Files\\Garena\update.exe
e:\\Program Files\\Garena\update.xml
e:\\Program Files\\Garena\update2.exe
e:\\Program Files\\Garena\user.xml
e:\\Program Files\\Garena\user\16283587\ban.dat
e:\\Program Files\\Garena\user\16283587\data.dat
e:\\Program Files\\Garena\user\16283587\fps.dat
e:\\Program Files\\Garena\user\16283587\recent.txt
e:\\Program Files\\Garena\user\27060054\ban.dat
e:\\Program Files\\Garena\user\27060054\data.dat
e:\\Program Files\\Garena\user\27060054\fps.dat
e:\\Program Files\\Garena\user\27060054\recent.txt
e:\\Program Files\\Garena\viwawa.cn.xml
e:\\Program Files\\Garena\viwawa.en.xml
e:\\Program Files\\Garena\viwawa.tw.xml
e:\\Program Files\\Garena\War3Hook.dll
e:\\Program Files\\Garena\web\1.cn.html
e:\\Program Files\\Garena\web\1.en.html
e:\\Program Files\\Garena\web\1.tw.html
e:\\Program Files\\Garena\web\2.cn.html
e:\\Program Files\\Garena\web\2.en.html
e:\\Program Files\\Garena\web\2.tw.html
e:\\Program Files\\Garena\web\3.cn.html
e:\\Program Files\\Garena\web\3.en.html
e:\\Program Files\\Garena\web\3.tw.html
e:\\Program Files\\Garena\web\6.cn.html
e:\\Program Files\\Garena\web\6.en.html
e:\\Program Files\\Garena\web\6.tw.html
e:\\Program Files\\Garena\web\cache\Freesky\css\foemb_2.css
e:\\Program Files\\Garena\web\cache\Freesky\Freesky.html
e:\\Program Files\\Garena\web\cache\Freesky\img\do_bg2.jpg
e:\\Program Files\\Garena\web\cache\Freesky\img\do_btn.jpg
e:\\Program Files\\Garena\web\cache\Freesky\img\ggbackground.jpg
e:\\Program Files\\Garena\web\cache\ROM\config\css\screen.css
e:\\Program Files\\Garena\web\cache\ROM\config\images\bgd_body.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\bgd_dotted_hevertical.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\bgd_dotted_vertical.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\bgd_footer.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\bgd_html.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\header.jpg
e:\\Program Files\\Garena\web\cache\ROM\config\images\ico_bullet.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\visu_download.jpg
e:\\Program Files\\Garena\web\cache\ROM\config\images\visu_line.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\visu_logo-garena.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\visu_run.gif
e:\\Program Files\\Garena\web\cache\ROM\config\images\visu_setting.gif
e:\\Program Files\\Garena\web\cache\ROM\css\screen.css
e:\\Program Files\\Garena\web\cache\ROM\images\bgd_body.jpg
e:\\Program Files\\Garena\web\cache\ROM\images\bgd_html.gif
e:\\Program Files\\Garena\web\cache\ROM\images\bgd_news.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_forum_n.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_forum_o.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_support_n.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_support_o.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_webiste_n.gif
e:\\Program Files\\Garena\web\cache\ROM\images\btn_webiste_o.gif
e:\\Program Files\\Garena\web\cache\ROM\images\ico-01.gif
e:\\Program Files\\Garena\web\cache\ROM\images\slogan_rom.jpg
e:\\Program Files\\Garena\web\cache\ROM\images\visu_banner.gif
e:\\Program Files\\Garena\web\cache\ROM\images\visu_banner_01.gif
e:\\Program Files\\Garena\web\cache\ROM\images\visu_forum.gif
e:\\Program Files\\Garena\web\cache\ROM\images\visu_garena.gif
e:\\Program Files\\Garena\web\cache\RUpoker\css\pokerembed.css
e:\\Program Files\\Garena\web\cache\RUpoker\img\bg.jpg
e:\\Program Files\\Garena\web\cache\RUpoker\img\btn.jpg
e:\\Program Files\\Garena\web\cache\RUpoker\img\ggbackground.jpg
e:\\Program Files\\Garena\web\embed_game.jpg
e:\\Program Files\\Garena\web\embed_game_cn.jpg
e:\\Program Files\\Garena\web\embed_game_tw.jpg
e:\\Program Files\\Garena\web\embed_garenafire_ZH.jpg
e:\\Program Files\\Garena\web\embed_gfire.jpg
e:\\Program Files\\Garena\web\gfire.cn.html
e:\\Program Files\\Garena\web\gfire.en.html
e:\\Program Files\\Garena\web\gfire.tw.html
e:\\Program Files\\Garena\web\ggbackground.jpg
e:\\Program Files\\Garena\web\loading.gif
e:\\Program Files\\Garena\web\loading.html
e:\\Program Files\\Garena\web\Thumbs.db
e:\\Program Files\\Garena\YYFileSystem.dll
e:\program files\ICQ6Toolbar
e:\program files\ICQ6Toolbar\config.xml
e:\program files\ICQ6Toolbar\Icons.bmp
e:\program files\ICQ6Toolbar\ICQ Service.exe
e:\program files\ICQ6Toolbar\icq6Toolbar.ico
e:\program files\ICQ6Toolbar\ICQToolBar.dll
e:\program files\ICQ6Toolbar\ICQUnToolbar.exe
e:\program files\ICQ6Toolbar\logo_small.gif
e:\program files\ICQ6Toolbar\ServiceStarter.exe
e:\program files\ICQ6Toolbar\short.wav
e:\program files\ICQ6Toolbar\Version.txt

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GARENAPENGINE
-------\Legacy_ICQ_Service
-------\Service_ICQ Service

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-20 do 2010-04-20 )))))))))))))))))))))))))))))))
.

2010-04-19 18:26 . 2010-04-19 18:26 -------- d-----w- e:\documents and settings\Petr\DoctorWeb
2010-04-06 14:18 . 2010-04-06 14:18 -------- d-----w- e:\program files\Cenega Czech
2010-03-24 16:12 . 2010-03-24 16:13 -------- d-----w- e:\program files\A4Tech
2010-03-24 16:00 . 2001-10-24 10:54 12160 -c--a-w- e:\windows\system32\dllcache\mouhid.sys
2010-03-24 16:00 . 2001-10-24 10:54 12160 ----a-w- e:\windows\system32\drivers\mouhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-18 19:18 . 2008-11-21 19:26 -------- d-----w- e:\program files\Nero
2010-04-16 12:13 . 2008-11-22 19:28 -------- d-----w- e:\program files\Common Files\Adobe
2010-04-16 12:05 . 2009-08-09 06:51 -------- d-----w- e:\program files\sdasdas
2010-04-12 15:39 . 2010-01-17 13:52 -------- d-----w- e:\program files\Counter-Strike 1.6
2010-04-07 18:43 . 2010-02-27 20:31 -------- d-----w- e:\program files\ICQ7.0
2010-04-06 18:27 . 2009-07-24 17:36 -------- d-----w- e:\program files\DreamCom
2010-04-06 14:12 . 2002-09-23 12:00 487794 ----a-w- e:\windows\system32\perfh005.dat
2010-04-06 14:12 . 2002-09-23 12:00 101624 ----a-w- e:\windows\system32\perfc005.dat
2010-04-04 11:17 . 2008-11-19 16:55 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-04-04 11:05 . 2010-02-16 18:15 -------- d-----w- e:\program files\Rockstar Games
2010-03-26 20:18 . 2008-11-21 12:29 215104 ----a-w- e:\windows\system32\PnkBstrB.exe
2010-03-26 20:15 . 2008-11-21 12:29 138576 ----a-w- e:\windows\system32\drivers\PnkBstrK.sys
2010-03-23 12:14 . 2008-11-19 17:25 -------- d-----w- e:\program files\Opera
2010-03-20 12:17 . 2008-11-21 12:30 75064 ----a-w- e:\windows\system32\PnkBstrA.exe
2010-03-20 12:17 . 2010-03-20 12:17 794408 ----a-w- e:\windows\system32\pbsvc.exe
2010-03-20 09:59 . 2010-03-20 09:59 -------- d-----w- e:\program files\GamePark
2010-03-19 20:54 . 2009-12-05 17:58 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- e:\program files\opera\program\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- e:\program files\opera\program\plugins\ssldivx.dll
2006-05-03 09:06 . 2009-07-07 10:57 163328 --sh--r- e:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2009-07-07 10:57 31232 --sh--r- e:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2009-07-07 10:57 216064 --sh--r- e:\windows\system32\nbDX.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AFProg"="e:\program files\Hotspot Shield\AnchorFree\ctrl\AFController.exe" [2006-06-05 118784]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="e:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="e:\program files\winamp\winampa.exe" [2008-08-03 36352]
"SMail"="e:\program files\Pošťák\Postak\Postak.exe" [2008-02-21 453936]
"HP Component Manager"="e:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"egui"="e:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"WheelMouse"="e:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

e:\documents and settings\Petr\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CurseClientStartup.ccip [2010-1-18 0]

e:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - e:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-3-15 241664]
Rychl‚ spuçtŘnˇ aplikace HP Image Zone.lnk - e:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-3-15 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 ----a-w- e:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=e:\windows\system32\wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"e:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\ICQ6.5\\ICQ.exe"=
"e:\program files\Microsoft ActiveSync\rapimgr.exe"= e:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"e:\program files\Microsoft ActiveSync\wcescomm.exe"= e:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"e:\program files\Microsoft ActiveSync\WCESMgr.exe"= e:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"e:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\Program Files\\Hamachi\\hamachi.exe"=
"e:\\WINDOWS\\system32\\dpvsetup.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"e:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"e:\\Program Files\\ICQ7.0\\ICQ.exe"=
"e:\\Program Files\\ICQ7.0\\aolload.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\World of Warcraft 3.3.2\\Launcher.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [19.11.2008 19:55 691696]
R1 ehdrv;ehdrv;e:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R1 epfwtdir;epfwtdir;e:\windows\system32\drivers\epfwtdir.sys [6.2.2009 15:24 93336]
R2 ekrn;ESET Service;e:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 15:23 727720]
R3 MouseCap;MouseCapture Driver;e:\windows\system32\drivers\MouseCap.sys [8.8.2005 15:44 6640]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);e:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27.5.2009 3:27 29262680]
S3 TVICHW32;TVICHW32;e:\windows\system32\drivers\TVICHW32.SYS [10.10.2009 21:37 23600]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
IE: Download Using &BitSpirit - e:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - e:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: ÓĂ±ČĚŘľ«ÁéĎÂÔŘ(&B)
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - e:\program files\ICQ7.0\ICQ.exe
TCP: {CCFE3FAC-4BE7-41F6-B87B-87F2A7DA2B30} = 62.129.50.20,85.135.32.100
FF - ProfilePath - e:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\5ei0sppd.default\
FF - plugin: e:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: e:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: e:\program files\sdasdas\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Garena - e:\program files\Garena\uninst.exe
AddRemove-ICQToolbar - e:\program files\ICQ6Toolbar\ICQUnToolbar.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-20 14:35
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys spyz.sys >>UNKNOWN [0x8AC7B938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> prosync1.sys @ 0xba5b06c1
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
NDIS: NVIDIA nForce Networking Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9d12bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9d1fa21
SendHandler -> NDIS.sys @ 0xb9cfd87b
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(972)
e:\windows\system32\Ati2evxx.dll
e:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll

- - - - - - - > 'explorer.exe'(644)
e:\windows\system32\Amhooker.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\Ati2evxx.exe
e:\program files\Bonjour\mDNSResponder.exe
e:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
e:\program files\Hotspot Shield\bin\openvpnas.exe
e:\program files\Hotspot Shield\HssWPR\hsssrv.exe
e:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
e:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
e:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
e:\windows\system32\PnkBstrA.exe
e:\windows\system32\PnkBstrB.exe
e:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
e:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
e:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
e:\program files\Microsoft ActiveSync\wcescomm.exe
e:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
e:\progra~1\MI3AA1~1\rapimgr.exe
e:\program files\HP\hpcoretech\comp\hptskmgr.exe
e:\program files\HP\Digital Imaging\bin\hpqgalry.exe
.
**************************************************************************
.
Celkový čas: 2010-04-20 14:40:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-20 12:40
ComboFix2.txt 2010-04-19 20:14
ComboFix3.txt 2010-01-03 18:58
ComboFix4.txt 2009-12-21 19:01

Před spuštěním: Volných bajtů: 21 210 873 856
Po spuštění: Volných bajtů: 21 084 258 304

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 83A4D4B7BC5E064E0ED81668C6E2463F

Dymon · Příspěvekod **Dymon** » 20 dub 2010 14:44

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:44:06, on 20.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\Hotspot Shield\bin\openvpnas.exe
E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\winamp\winampa.exe
E:\Program Files\Pošťák\Postak\Postak.exe
E:\Program Files\HP\hpcoretech\hpcmpmgr.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\A4Tech\Mouse\Amoumain.exe
E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
E:\Program Files\DAEMON Tools Lite\DTLite.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
E:\Program Files\Microsoft ActiveSync\wcescomm.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
E:\PROGRA~1\MI3AA1~1\rapimgr.exe
E:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
E:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
E:\WINDOWS\explorer.exe
E:\Program Files\Opera\opera.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - E:\Program Files\Pošťák\Postak\SRank.dll
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\winamp\winampa.exe"
O4 - HKLM\..\Run: [SMail] "E:\Program Files\Pošťák\Postak\Postak.exe"
O4 - HKLM\..\Run: [HP Component Manager] "E:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WheelMouse] E:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKCU\..\Run: [AFProg] E:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "E:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Download Using &BitSpirit - E:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFE3FAC-4BE7-41F6-B87B-87F2A7DA2B30}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: E:\WINDOWS\system32\wbsys.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - E:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - E:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 8505 bytes

Dymon · Příspěvekod **Dymon** » 20 dub 2010 14:51

Zde je odkaz na VirusTotal

http://www.virustotal.com/cs/analisis/7 ... 1271767656

Příspěvekod **jaro3** » 20 dub 2010 14:57

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Stáhni si FixIEDef by ShadowPuterDude
na plochu.
Poklepej na FixIEDef
Až se objeví Copyright and Disclaimer notice, klikni na OK a poté na Scan.
Když se objeví zpráva , klikni na OK. Když program skončí , klikni na Exit.
Log se objeví na ploše. Vlož celý obsah toho logu sem.

Stáhni si RootRepeal
Rozbal si archív třeba do C:\RootRepeal
Poklepej na RootRepeal.exe ke startu programu ( ve vistě pravým a vybrat spustit jako administrátor).
Klikni v dolní části na Files a potom na Scan .
Objeví se dialog.okno, dej zatržítko na disk, který chceš skenovat( nejčastěji na C:\ , a potom na OK.
Program začne skenovat zatržený disk. Když sken skončí , budou tam vypsané soubory, ale ne všechny musí být legitimní. Klikni na Save Report a ulož si log do dokumentů. Vlož sem prosím celý jeho obsah.

Dymon · Příspěvekod **Dymon** » 20 dub 2010 15:20

********************************************************************************
* *
* FixIEDef Log *
* Version 1.7.22.7525 *
* *
********************************************************************************

Created at 15:16:23 on Tuesday, April 20, 2010

Time Zone :

Logged On User : Petr

Operating System : Systém Microsoft Windows XP Professional Service Pack 3
OS Architecture : X86
System Langauge : Czech
Keyboard Layout : Czech
Processor : X64 AMD Athlon(tm) 64 Processor 3000+

System Drive : E:\
Windows Directory : E:\WINDOWS
System Directory : E:\WINDOWS\system32

System Drive Type : Fixed
System Drive Status : READY
System Drive Label : Head
System Drive Size : 52.62 GB
System Drive Free : 23.81 GB

Total Physical Memory: 3071 MB
Free Physical Memory : 2498 MB
Total Page File : 3071 MB
Free Page File : 4005 MB
Total Virtual Memory : 2048 MB
Free Virtual Memory : 1959 MB

Boot State : Normal boot

--------------------------------------------------------------------------------

!!! userinit.exe is Clean !!!

--------------------------------------------------------------------------------

!!! Files that have been deleted !!!

E:\WINDOWS\system32\drv2.dll
E:\WINDOWS\system32\drv1.dll
E:\WINDOWS\system32\drv2.dll
E:\WINDOWS\system32\drvc.dll
E:\WINDOWS\system32\nmp.log

--------------------------------------------------------------------------------

!!! Directories that have been removed !!!

No malicious directories to be removed

--------------------------------------------------------------------------------

!!! Registry entries that have been removed !!!

No malicious Registry entries found

================================================================================

All Done :)

ShadowPuterDude

Safe Surfing!!!

Prosím o kontrolu logu - Freezy hry

Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Re: Prosím o kontrolu logu - Freezy hry

Kdo je online