Problém s Explorer.exe ve WIN XP SP3 Vyřešeno

[Damned]

Takže ten script ještě jednou. Soubor se MUSÍ uložit jako CFScript.txt a ne jako CFScript.txt.txt .
Vypni i NOD (v ikoně systray-pravým na ikonu NODu a vybrat antivirus and antispyware disabled)

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

KillAll::
File::
d:\windows.0\ativpsrm.bin
d:\windows.0\system32\ezsidmv.dat
d:\windows.0\nsreg.dat

Folder::
d:\program files\Webteh

DirLook::
d:\documents and settings\HyneÄŤek
d:\program files\Conduit
d:\program files\Garena
d:\documents and settings\Mi?ko
d:\program files\IDoser v4



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
****************************************************************************************************************************************
Červené soubory zkontroluj na Virustotalu

D:\WINDOWS.0\system32\userinit.exe
d:\windows.0\cygz.dll
d:\windows.0\system32\cygwin1.dll

a vlož sem odkazy na výsledek.

[Reklama]

[nemesis92]

jo jenže já ten nod prostě vypnout nemůžu protože nevidim systray ikonu... aten postup co si mi psal vcera taky nesel a ComboFix mi furt hazel upozorneni ze jede nod

[Damned]

Udělej ten script, a zkontroluj ty soubory

[nemesis92]

ComboFix 09-06-14.02 - Hynek 15.06.2009 16:35.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1535.1156 [GMT 2:00]
Spuštěný z: d:\documents and settings\Hynek\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Hynek\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
* Rezidentní štít AV je zapnutý


FILE ::
"d:\windows.0\ativpsrm.bin"
"d:\windows.0\nsreg.dat"
"d:\windows.0\system32\ezsidmv.dat"
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-05-15 do 2009-06-15 )))))))))))))))))))))))))))))))
.

2009-06-15 14:40 . 2009-06-15 14:40 0 ----a-w- d:\windows.0\ativpsrm.bin
2009-06-15 04:52 . 2009-06-15 04:52 -------- d-----w- D:\32788R22FWJFW.0.tmp
2009-06-14 20:04 . 2009-06-14 20:04 -------- d-----w- d:\documents and settings\Hynek\Nová složka
2009-06-14 18:39 . 2009-05-26 11:20 40160 ----a-w- d:\windows.0\system32\drivers\mbamswissarmy.sys
2009-06-14 18:39 . 2009-05-26 11:19 19096 ----a-w- d:\windows.0\system32\drivers\mbam.sys
2009-06-14 18:39 . 2009-06-14 19:01 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2009-06-14 15:56 . 2009-06-14 07:53 15688 ----a-w- d:\windows.0\system32\lsdelete.exe
2009-06-14 09:28 . 2009-06-14 09:28 -------- d-----w- d:\documents and settings\LocalService\Plocha
2009-06-14 07:54 . 2009-06-14 07:53 64160 ----a-w- d:\windows.0\system32\drivers\Lbd.sys
2009-06-14 07:51 . 2009-06-14 07:51 -------- d-----w- d:\program files\Lavasoft
2009-06-12 16:52 . 2009-06-12 16:52 -------- d-----w- d:\program files\Alcohol Soft
2009-06-11 17:09 . 2009-06-11 17:09 -------- d-----w- d:\program files\MKVtoolnix
2009-06-11 17:08 . 2009-06-11 17:08 -------- d-----w- d:\program files\Common Files\ATI Technologies
2009-06-08 16:52 . 2009-06-08 16:52 86016 ----a-w- d:\windows.0\system32\OpenAL32.dll
2009-06-08 16:52 . 2009-06-08 16:52 262144 ----a-w- d:\windows.0\system32\wrap_oal.dll
2009-06-08 16:52 . 2004-10-25 18:02 21664 ----a-w- d:\windows.0\system32\drivers\Entech.sys
2009-06-08 16:52 . 2004-06-22 13:44 5632 ----a-w- d:\windows.0\system32\drivers\Entech64.sys
2009-06-08 16:52 . 2001-11-19 17:05 3972 ----a-w- d:\windows.0\system32\drivers\PciBus.sys
2009-06-08 16:52 . 2009-06-08 16:52 -------- d-----w- d:\windows.0\system32\Futuremark
2009-06-03 16:39 . 2009-06-03 16:39 43520 ----a-w- d:\windows.0\system32\CmdLineExt03.dll
2009-06-03 16:26 . 2009-06-03 16:26 -------- d-----w- d:\documents and settings\HyneÄŤek
2009-06-03 14:16 . 2001-10-24 09:54 12160 -c--a-w- d:\windows.0\system32\dllcache\mouhid.sys
2009-06-03 14:16 . 2001-10-24 09:54 12160 ----a-w- d:\windows.0\system32\drivers\mouhid.sys
2009-06-03 14:16 . 2008-04-14 05:59 14592 -c--a-w- d:\windows.0\system32\dllcache\kbdhid.sys
2009-06-03 14:16 . 2008-04-14 05:59 14592 ----a-w- d:\windows.0\system32\drivers\kbdhid.sys
2009-06-03 14:16 . 2008-04-13 22:15 10368 -c--a-w- d:\windows.0\system32\dllcache\hidusb.sys
2009-06-03 14:16 . 2008-04-13 22:15 10368 ----a-w- d:\windows.0\system32\drivers\hidusb.sys
2009-06-03 14:14 . 2008-04-14 06:51 27648 -c--a-w- d:\windows.0\system32\dllcache\irmon.dll
2009-06-03 14:14 . 2008-04-14 06:51 27648 ----a-w- d:\windows.0\system32\irmon.dll
2009-06-03 14:14 . 2008-04-14 06:52 152064 -c--a-w- d:\windows.0\system32\dllcache\irftp.exe
2009-06-03 14:14 . 2008-04-14 06:52 152064 ----a-w- d:\windows.0\system32\irftp.exe
2009-06-03 14:14 . 2008-04-14 06:52 8192 -c--a-w- d:\windows.0\system32\dllcache\wshirda.dll
2009-06-03 14:14 . 2008-04-14 06:52 8192 ----a-w- d:\windows.0\system32\wshirda.dll
2009-06-03 04:42 . 2009-06-03 04:42 -------- d-----w- d:\program files\SystemRequirementsLab
2009-05-29 18:20 . 2009-05-29 18:20 -------- d-----w- d:\program files\Common Files\DirectX
2009-05-29 14:37 . 2009-05-30 10:08 -------- d-----w- d:\program files\Garena
2009-05-29 14:06 . 2009-05-29 14:11 2829 ----a-w- d:\windows.0\War3Unin.pif
2009-05-29 14:06 . 2009-05-29 14:11 139264 ----a-w- d:\windows.0\War3Unin.exe
2009-05-29 13:42 . 2009-05-29 13:42 -------- d-----w- d:\windows.0\system32\wbem\Repository
2009-05-29 10:18 . 2009-05-29 14:25 127903 ----a-w- d:\windows.0\War3Unin.dat
2009-05-29 10:17 . 2009-06-10 04:49 -------- d-----w- d:\documents and settings\MIKO~2\Dokumenty
2009-05-29 10:17 . 2009-05-29 10:17 -------- d-----w- d:\documents and settings\Mi?ko
2009-05-29 05:51 . 2009-05-29 05:52 -------- d-----w- d:\windows.0\system32\oodag
2009-05-29 05:46 . 2009-05-29 05:46 -------- d-----w- d:\program files\OO Software
2009-05-29 05:41 . 2009-05-29 05:41 -------- d-----w- d:\program files\CCleaner
2009-05-28 19:15 . 2009-05-28 19:27 -------- d-----w- d:\program files\IDoser v4
2009-05-25 15:43 . 2009-05-25 15:43 721904 ----a-w- d:\windows.0\system32\drivers\sptd.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-14 20:21 . 2001-10-25 12:00 86046 ----a-w- d:\windows.0\system32\perfc005.dat
2009-06-14 20:21 . 2001-10-25 12:00 449614 ----a-w- d:\windows.0\system32\perfh005.dat
2009-06-10 19:52 . 2009-04-04 12:44 -------- d-----w- d:\program files\ICQ6.5
2009-06-08 16:49 . 2009-04-03 21:29 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-05-29 13:42 . 2009-04-08 06:49 -------- d-----w- d:\program files\MOBILedit!
2009-05-27 16:22 . 2009-04-04 10:14 -------- d-----w- d:\program files\Lexmark X1100 Series
2009-05-16 11:01 . 2009-05-16 11:02 410984 ----a-w- d:\windows.0\system32\deploytk.dll
2009-05-16 11:01 . 2009-05-16 11:01 -------- d-----w- d:\program files\Java
2009-05-10 19:28 . 2009-05-10 19:28 -------- d-----w- d:\program files\Microsoft Windows 7 Upgrade Advisor
2009-05-07 15:33 . 2009-04-03 20:04 346624 ----a-w- d:\windows.0\system32\localspl.dll
2009-05-03 15:58 . 2009-04-04 12:13 -------- d-----w- d:\program files\QIP
2009-05-02 12:38 . 2009-05-02 12:38 -------- d-----w- d:\program files\Conduit
2009-05-01 19:10 . 2009-05-01 19:02 -------- d-----w- d:\program files\Mio DigiWalker
2009-05-01 19:01 . 2009-05-01 19:01 -------- d-----w- d:\program files\Mio Technology
2009-04-29 04:47 . 2009-04-03 20:04 827392 ----a-w- d:\windows.0\system32\wininet.dll
2009-04-29 04:47 . 2009-04-03 21:04 78336 ------w- d:\windows.0\system32\ieencode.dll
2009-04-27 12:54 . 2009-04-06 12:10 1560 ----a-w- d:\windows.0\system32\ealregsnapshot1.reg
2009-04-27 07:09 . 2009-04-27 07:09 -------- d-----w- d:\program files\Eidos
2009-04-23 14:43 . 2009-04-23 14:41 -------- d-----w- d:\program files\File Sender
2009-04-19 19:52 . 2009-04-03 20:04 1847168 ----a-w- d:\windows.0\system32\win32k.sys
2009-04-19 17:09 . 2009-04-19 17:09 -------- d-----w- d:\program files\DVDVIDEOSOFT
2009-04-19 13:40 . 2009-04-19 13:40 -------- d-----w- d:\program files\MediaInfo
2009-04-15 14:54 . 2009-04-03 20:04 585216 ----a-w- d:\windows.0\system32\rpcrt4.dll
2009-04-09 09:13 . 2009-04-09 09:13 47360 ----a-w- d:\windows.0\system32\drivers\pcouffin.sys
2009-04-09 09:03 . 2009-04-09 09:03 35328 ----a-w- d:\windows.0\system32\cygz.dll
2009-04-09 09:03 . 2009-04-09 09:03 35328 ----a-w- d:\windows.0\cygz.dll
2009-04-09 09:03 . 2009-04-09 09:03 1126281 ----a-w- d:\windows.0\system32\cygwin1.dll
2009-04-09 09:03 . 2009-04-09 09:03 1126281 ----a-w- d:\windows.0\cygwin1.dll
2009-04-03 23:51 . 2009-04-03 23:51 18432 ----a-w- d:\windows.0\system32\drivers\grmngen.sys
2009-04-03 23:51 . 2009-04-03 23:51 8320 ----a-w- d:\windows.0\system32\drivers\grmnusb.sys
2009-04-03 21:59 . 2009-04-03 18:54 76499 ----a-w- d:\windows.0\PCHealth\HelpCtr\OfflineCache\index.dat
2009-04-03 21:59 . 2009-04-03 18:54 2708 ----a-w- d:\windows.0\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-04-03 21:06 . 2009-04-03 18:54 8972 ----a-w- d:\windows.0\PCHealth\HelpCtr\Config\Cntstore.bin
2009-04-03 18:52 . 2009-04-03 18:52 21812 ----a-w- d:\windows.0\system32\emptyregdb.dat
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w- d:\windows.0\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w- d:\windows.0\system32\msvcr71.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of d:\documents and settings\HyneÄŤek ----


---- Directory of d:\documents and settings\Mi?ko ----


---- Directory of d:\program files\Conduit ----

2009-05-02 12:38 . 2009-01-07 08:55 483864 ----a-w- d:\program files\Conduit\Community Alerts\Alert.dll

---- Directory of d:\program files\Garena ----

2009-05-29 15:03 . 2009-05-29 15:03 152 ----a-w- d:\program files\Garena\GameConfig.xml
2009-05-29 14:52 . 2009-05-30 10:09 39 ----a-w- d:\program files\Garena\user\15940908\recent.txt
2009-05-29 14:42 . 2009-05-30 10:08 11 ----a-w- d:\program files\Garena\gs.dat
2009-05-29 14:42 . 2009-05-30 10:35 8192 ----a-w- d:\program files\Garena\user\15940908\fps.dat
2009-05-29 14:42 . 2009-05-29 14:42 2048 ----a-w- d:\program files\Garena\user\15940908\ban.dat
2009-05-29 14:42 . 2009-05-29 14:48 9216 ----a-w- d:\program files\Garena\user\15940908\data.dat
2009-05-29 14:38 . 2009-05-30 10:08 2048 ----a-w- d:\program files\Garena\clients.dat
2009-05-29 14:37 . 2009-05-29 14:37 108264 ----a-w- d:\program files\Garena\uninst.exe
2009-05-27 09:05 . 2009-05-27 09:05 12431 ----a-w- d:\program files\Garena\update.xml
2009-05-27 08:47 . 2009-05-27 08:47 139264 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin.dll
2009-05-27 06:37 . 2009-05-27 06:37 288768 ----a-w- d:\program files\Garena\dlls\PluginLanguage.dll
2009-05-27 06:05 . 2009-05-27 06:05 37825 ----a-w- d:\program files\Garena\plugins\Plugins.ggz
2009-05-27 04:57 . 2009-05-27 04:57 136192 ----a-w- d:\program files\Garena\plugins\Game\WC3Ass.dll
2009-05-26 11:04 . 2009-05-26 11:04 813056 ----a-w- d:\program files\Garena\Roomcn.dat
2009-05-26 11:04 . 2009-05-29 14:43 871424 ----a-w- d:\program files\Garena\Roomen.dat
2009-05-26 11:04 . 2009-05-26 11:04 814080 ----a-w- d:\program files\Garena\Roomtw.dat
2009-05-26 09:03 . 2009-05-26 09:03 94720 ----a-w- d:\program files\Garena\plugins\Game\GarenaTVRecorder.dll
2009-05-26 07:12 . 2009-05-26 07:12 16384 ----a-w- d:\program files\Garena\Gamecn.dat
2009-05-26 07:05 . 2009-05-26 07:05 16384 ----a-w- d:\program files\Garena\Gametw.dat
2009-05-26 06:52 . 2009-05-26 06:52 20480 ----a-w- d:\program files\Garena\Gameen.dat
2009-05-26 05:22 . 2009-05-26 05:22 46080 ----a-w- d:\program files\Garena\dlls\CTSys.dll
2009-05-26 04:37 . 2009-05-26 04:37 175217 ----a-w- d:\program files\Garena\Skin\Skin.ggz
2009-05-25 09:28 . 2009-05-25 09:28 146944 ----a-w- d:\program files\Garena\plugins\UI\GEngine.dll
2009-05-25 08:50 . 2009-05-25 08:50 352256 ----a-w- d:\program files\Garena\plugins\UI\BlackShotPlugin.dll
2009-05-22 06:37 . 2009-05-22 06:37 2201 ----a-w- d:\program files\Garena\Languages\GarenaTV_UI.dll.cn
2009-05-22 06:37 . 2009-05-22 06:37 2006 ----a-w- d:\program files\Garena\Languages\GarenaTV_UI.dll.en
2009-05-22 06:37 . 2009-05-22 06:37 2006 ----a-w- d:\program files\Garena\Languages\GarenaTV_UI.dll.id
2009-05-22 06:37 . 2009-05-22 06:37 2185 ----a-w- d:\program files\Garena\Languages\GarenaTV_UI.dll.tw
2009-05-19 12:15 . 2009-05-19 12:15 494592 ----a-w- d:\program files\Garena\GarenaTV_UI.dll
2009-05-19 12:04 . 2009-05-19 12:04 40251 ----a-w- d:\program files\Garena\Skin\garenatv.ggz
2009-05-19 12:03 . 2009-05-19 12:03 442368 ----a-w- d:\program files\Garena\GarenaSkin1.dll
2009-05-17 09:12 . 2009-05-17 09:12 376832 ----a-w- d:\program files\Garena\plugins\UI\ViwawaPlugin.dll
2009-05-17 06:48 . 2009-05-17 06:48 144462 ----a-w- d:\program files\Garena\Languages\languages.glf
2009-05-15 09:52 . 2009-05-15 09:52 441 ----a-w- d:\program files\Garena\Languages\WC3Ass.dll.cn
2009-05-15 09:52 . 2009-05-15 09:52 411 ----a-w- d:\program files\Garena\Languages\WC3Ass.dll.en
2009-05-15 09:52 . 2009-05-15 09:52 439 ----a-w- d:\program files\Garena\Languages\WC3Ass.dll.tw
2009-05-15 09:52 . 2009-05-15 09:52 483 ----a-w- d:\program files\Garena\Languages\WC3Ass.dll.vn
2009-05-15 07:35 . 2009-05-15 07:35 6134 ----a-w- d:\program files\Garena\shop\items\150.gif
2009-05-15 06:09 . 2009-05-15 06:09 559 ----a-w- d:\program files\Garena\langs.xml
2009-05-12 06:39 . 2009-05-12 06:39 7168 ----a-w- d:\program files\Garena\dlls\WC3J.dll
2009-05-08 11:13 . 2009-05-08 11:13 933888 ----a-w- d:\program files\Garena\dlls\IPvR.dll
2009-05-04 08:04 . 2009-05-04 08:04 157184 ----a-w- d:\program files\Garena\plugins\Game\WC3Ladder.dll
2009-04-28 03:48 . 2009-04-28 03:48 14315 ----a-w- d:\program files\Garena\config\lockr.xml
2009-04-16 03:57 . 2009-04-16 03:57 102400 ----a-w- d:\program files\Garena\plugins\UI\StatPlugin.dll
2009-04-15 09:31 . 2009-04-15 09:31 90112 ----a-w- d:\program files\Garena\dlls\GFireMan.dll
2009-04-05 08:33 . 2009-04-05 08:33 960 ----a-w- d:\program files\Garena\mdata.ggz
2009-03-24 06:58 . 2009-03-24 06:58 450048 ----a-w- d:\program files\Garena\plugins\UI\FPSGame.dll
2009-03-23 10:30 . 2009-03-23 10:30 3288848 ----a-w- d:\program files\Garena\Garena.exe
2009-03-23 09:16 . 2009-03-23 09:16 25634 ----a-w- d:\program files\Garena\Gn.ggz
2009-03-23 04:51 . 2009-03-23 04:51 1820 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\close_rollover.bmp
2009-03-23 04:50 . 2009-03-23 04:50 1820 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\close_rollout.bmp
2009-03-19 07:32 . 2009-03-19 07:32 680 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\up_rollover.bmp
2009-03-19 07:31 . 2009-03-19 07:31 680 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\up_rollout.bmp
2009-03-19 07:31 . 2009-03-19 07:31 680 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\down_rollover.bmp
2009-03-19 07:30 . 2009-03-19 07:30 680 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\down_rollout.bmp
2009-03-17 13:38 . 2009-03-17 13:38 200704 ----a-w- d:\program files\Garena\lib\GarenaRoomSystem.dll
2009-03-16 14:26 . 2009-05-30 10:08 271 ----a-w- d:\program files\Garena\user.xml
2009-03-16 13:43 . 2009-03-16 13:43 172032 ----a-w- d:\program files\Garena\plugins\UI\FavListUIPlugin.dll
2009-03-16 11:58 . 2009-03-16 11:58 508 ----a-w- d:\program files\Garena\web\gfire.tw.html
2009-03-16 11:58 . 2009-03-16 11:58 508 ----a-w- d:\program files\Garena\web\gfire.cn.html
2009-03-16 08:45 . 2009-03-16 08:45 12800 ----a-w- d:\program files\Garena\web\Thumbs.db
2009-03-16 08:45 . 2009-03-16 08:45 69390 ----a-w- d:\program files\Garena\web\embed_garenafire_ZH.jpg
2009-03-15 13:06 . 2009-03-15 13:06 282624 ----a-w- d:\program files\Garena\plugins\UI\Chenyx.dll
2009-03-15 08:23 . 2009-03-15 08:23 70 ----a-w- d:\program files\Garena\config\bs.cn.xml
2009-03-11 05:53 . 2009-03-11 05:53 70 ----a-w- d:\program files\Garena\config\bs.id.xml
2009-03-11 05:53 . 2009-03-11 05:53 70 ----a-w- d:\program files\Garena\config\bs.en.xml
2009-03-10 05:14 . 2009-03-10 05:14 938 ----a-w- d:\program files\Garena\Languages\FPSGame.dll.cn
2009-03-10 05:14 . 2009-03-10 05:14 889 ----a-w- d:\program files\Garena\Languages\FPSGame.dll.en
2009-03-10 05:14 . 2009-03-10 05:14 932 ----a-w- d:\program files\Garena\Languages\FPSGame.dll.tw
2009-03-09 03:09 . 2009-03-09 03:09 934 ----a-w- d:\program files\Garena\viwawa.en.xml
2009-03-09 03:09 . 2009-03-09 03:09 969 ----a-w- d:\program files\Garena\viwawa.tw.xml
2009-03-08 08:59 . 2009-03-08 08:59 163840 ----a-w- d:\program files\Garena\plugins\UI\AvoidCrackPlugin.dll
2009-03-08 08:01 . 2009-03-08 08:01 974 ----a-w- d:\program files\Garena\viwawa.cn.xml
2009-03-06 13:42 . 2009-03-06 13:42 26783 ----a-w- d:\program files\Garena\lib\LibPlugin.ggz
2009-03-05 08:37 . 2009-03-05 08:37 149316 ----a-w- d:\program files\Garena\web\embed_gfire.jpg
2009-03-05 08:28 . 2009-03-05 08:28 500 ----a-w- d:\program files\Garena\web\gfire.en.html
2009-03-01 07:00 . 2009-03-01 07:00 34139 ----a-w- d:\program files\Garena\layout\layout.ggz
2009-02-22 16:14 . 2009-02-22 16:14 176128 ----a-w- d:\program files\Garena\CommonLib.dll
2009-02-20 13:28 . 2009-02-20 13:28 139264 ----a-w- d:\program files\Garena\lib\MessagePumpLib.dll
2009-02-15 10:13 . 2009-02-15 10:13 82 ----a-w- d:\program files\Garena\hc.xml
2009-02-13 06:15 . 2009-02-13 06:15 883 ----a-w- d:\program files\Garena\Languages\WC3Ladder.dll.cn
2009-02-13 06:15 . 2009-02-13 06:15 767 ----a-w- d:\program files\Garena\Languages\WC3Ladder.dll.en
2009-02-13 06:15 . 2009-02-13 06:15 867 ----a-w- d:\program files\Garena\Languages\WC3Ladder.dll.tw
2009-01-23 06:52 . 2009-01-23 06:52 58368 ----a-w- d:\program files\Garena\FPSHook.dll
2009-01-21 05:40 . 2009-01-21 05:40 278528 ----a-w- d:\program files\Garena\lib\Layout.dll
2009-01-20 08:16 . 2009-01-20 08:16 79872 ----a-w- d:\program files\Garena\dlls\PEngine.dll
2009-01-19 08:15 . 2009-01-19 08:15 147456 ----a-w- d:\program files\Garena\YYFileSystem.dll
2009-01-18 09:41 . 2009-01-18 09:41 279552 ----a-w- d:\program files\Garena\plugins\UI\ManagePlugin.dll
2009-01-16 09:21 . 2009-01-16 09:21 7986 ----a-w- d:\program files\Garena\shop\items\105.gif
2009-01-13 08:48 . 2009-01-13 08:48 212427 ----a-w- d:\program files\Garena\files\files.ggz
2008-12-21 07:26 . 2008-12-21 07:26 245760 ----a-w- d:\program files\Garena\lib\common\Language.dll
2008-12-19 07:37 . 2008-12-19 07:37 113664 ----a-w- d:\program files\Garena\L4DSocket.dll
2008-12-14 10:03 . 2008-12-14 10:03 131072 ----a-w- d:\program files\Garena\lib\LoadSwf.dll
2008-12-11 10:53 . 2008-12-11 10:53 421 ----a-w- d:\program files\Garena\Languages\Garena.exe.en
2008-12-11 08:39 . 2008-12-11 08:39 41472 ----a-w- d:\program files\Garena\plugins\UI\zDep.dll
2008-12-10 12:18 . 2008-12-10 12:18 9894 ----a-w- d:\program files\Garena\Languages\Garena.exe.id
2008-12-09 03:38 . 2008-12-09 03:38 10367 ----a-w- d:\program files\Garena\Languages\Garena.exe.cn
2008-12-09 03:35 . 2008-12-09 03:35 10571 ----a-w- d:\program files\Garena\Languages\Garena.exe.tw
2008-12-08 13:54 . 2008-12-08 13:54 10961 ----a-w- d:\program files\Garena\Languages\Garena.exe.sp
2008-12-08 11:13 . 2008-12-08 11:13 53248 ----a-w- d:\program files\Garena\plugins\UI\zzzPlugin.dll
2008-12-08 11:05 . 2008-12-08 11:05 10694 ----a-w- d:\program files\Garena\Languages\Garena.exe.br
2008-12-08 09:57 . 2008-12-08 09:57 11687 ----a-w- d:\program files\Garena\Languages\Garena.exe.ru
2008-12-08 09:57 . 2008-12-08 09:57 10736 ----a-w- d:\program files\Garena\Languages\Garena.exe.vn
2008-12-07 12:35 . 2008-12-07 12:35 112128 ----a-w- d:\program files\Garena\dlls\flags.dll
2008-12-05 09:53 . 2008-12-05 09:53 168118 ----a-w- d:\program files\Garena\plugins\UI\AdPlugin\skinmsn.bmp
2008-12-05 08:13 . 2008-12-05 08:13 15086 ----a-w- d:\program files\Garena\Avatar\girl_s.swf
2008-12-05 08:06 . 2008-12-05 08:06 12144 ----a-w- d:\program files\Garena\Avatar\boy_s.swf
2008-12-05 07:43 . 2008-12-05 07:43 12002 ----a-w- d:\program files\Garena\Avatar\boy.swf
2008-12-05 07:41 . 2008-12-05 07:41 14944 ----a-w- d:\program files\Garena\Avatar\girl.swf
2008-12-05 06:28 . 2008-12-05 06:28 204800 ----a-w- d:\program files\Garena\lib\GarenaWebService.dll
2008-12-04 10:16 . 2008-12-04 10:16 7666 ----a-w- d:\program files\Garena\shop\items\309.gif
2008-12-04 10:16 . 2008-12-04 10:16 7666 ----a-w- d:\program files\Garena\shop\items\310.gif
2008-12-04 10:16 . 2008-12-04 10:16 7666 ----a-w- d:\program files\Garena\shop\items\311.gif
2008-12-04 10:16 . 2008-12-04 10:16 7666 ----a-w- d:\program files\Garena\shop\items\312.gif
2008-12-04 10:15 . 2008-12-04 10:15 6931 ----a-w- d:\program files\Garena\shop\items\305.gif
2008-12-04 10:15 . 2008-12-04 10:15 6931 ----a-w- d:\program files\Garena\shop\items\306.gif
2008-12-04 10:15 . 2008-12-04 10:15 6931 ----a-w- d:\program files\Garena\shop\items\307.gif
2008-12-04 10:15 . 2008-12-04 10:15 6931 ----a-w- d:\program files\Garena\shop\items\308.gif
2008-12-04 07:10 . 2008-12-04 07:10 1350 ----a-w- d:\program files\Garena\Avatar\unknown_s.swf
2008-12-03 10:51 . 2008-12-03 10:51 6114 ----a-w- d:\program files\Garena\shop\items\100.gif
2008-12-03 10:51 . 2008-12-03 10:51 5083 ----a-w- d:\program files\Garena\shop\items\200.gif
2008-12-03 10:51 . 2008-12-03 10:51 6692 ----a-w- d:\program files\Garena\shop\items\304.gif
2008-12-03 10:51 . 2008-12-03 10:51 4589 ----a-w- d:\program files\Garena\shop\items\201.gif
2008-12-03 10:51 . 2008-12-03 10:51 6306 ----a-w- d:\program files\Garena\shop\items\313.gif
2008-12-03 10:51 . 2008-12-03 10:51 4873 ----a-w- d:\program files\Garena\shop\items\202.gif
2008-12-03 10:51 . 2008-12-03 10:51 4804 ----a-w- d:\program files\Garena\shop\items\203.gif
2008-12-03 10:50 . 2008-12-03 10:50 5065 ----a-w- d:\program files\Garena\shop\items\204.gif
2008-12-03 10:50 . 2008-12-03 10:50 5066 ----a-w- d:\program files\Garena\shop\items\205.gif
2008-12-03 10:50 . 2008-12-03 10:50 5134 ----a-w- d:\program files\Garena\shop\items\206.gif
2008-12-02 07:00 . 2008-12-02 07:00 1789 ----a-w- d:\program files\Garena\Avatar\unknown.swf
2008-11-17 06:37 . 2008-11-17 06:37 56832 ----a-w- d:\program files\Garena\PluginKernel.dll
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.tw.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.br.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.pp.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.ru.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.sd.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.sp.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.th.xml
2008-11-12 09:12 . 2008-11-12 09:12 71 ----a-w- d:\program files\Garena\config\bs.vn.xml
2008-11-12 09:05 . 2008-11-12 09:05 500 ----a-w- d:\program files\Garena\web\3.tw.html
2008-11-12 09:05 . 2008-11-12 09:05 500 ----a-w- d:\program files\Garena\web\2.tw.html
2008-11-12 09:04 . 2008-11-12 09:04 500 ----a-w- d:\program files\Garena\web\1.tw.html
2008-11-12 09:03 . 2008-11-12 09:03 500 ----a-w- d:\program files\Garena\web\6.tw.html
2008-11-12 09:02 . 2008-11-12 09:02 500 ----a-w- d:\program files\Garena\web\6.cn.html
2008-11-12 09:02 . 2008-11-12 09:02 500 ----a-w- d:\program files\Garena\web\1.cn.html
2008-11-12 09:02 . 2008-11-12 09:02 500 ----a-w- d:\program files\Garena\web\2.cn.html
2008-11-12 09:02 . 2008-11-12 09:02 500 ----a-w- d:\program files\Garena\web\3.cn.html
2008-11-12 08:26 . 2008-11-12 08:26 62253 ----a-w- d:\program files\Garena\web\embed_game_cn.jpg
2008-11-12 08:26 . 2008-11-12 08:26 58928 ----a-w- d:\program files\Garena\web\embed_game_tw.jpg
2008-11-11 08:55 . 2008-11-11 08:55 61440 ----a-w- d:\program files\Garena\dlls\FPSHelper.dll
2008-11-10 13:34 . 2008-11-10 13:34 499 ----a-w- d:\program files\Garena\web\1.en.html
2008-11-10 13:34 . 2008-11-10 13:34 499 ----a-w- d:\program files\Garena\web\2.en.html
2008-11-10 13:34 . 2008-11-10 13:34 499 ----a-w- d:\program files\Garena\web\3.en.html
2008-11-10 13:34 . 2008-11-10 13:34 499 ----a-w- d:\program files\Garena\web\6.en.html
2008-11-10 09:19 . 2008-11-10 09:19 97543 ----a-w- d:\program files\Garena\web\embed_game.jpg
2008-11-10 05:18 . 2008-11-10 05:18 176128 ----a-w- d:\program files\Garena\AESocket.dll
2008-11-06 10:39 . 2008-11-06 10:39 4991 ----a-w- d:\program files\Garena\shop\items\300.gif
2008-11-06 10:39 . 2008-11-06 10:39 5222 ----a-w- d:\program files\Garena\shop\items\303.gif
2008-11-06 10:39 . 2008-11-06 10:39 6150 ----a-w- d:\program files\Garena\shop\items\302.gif
2008-11-06 10:38 . 2008-11-06 10:38 4875 ----a-w- d:\program files\Garena\shop\items\301.gif
2008-10-26 13:47 . 2008-10-26 13:47 92 ----a-w- d:\program files\Garena\source.xml
2008-10-24 11:08 . 2008-10-24 11:08 14337 ----a-w- d:\program files\Garena\config\loctw.xml
2008-10-24 11:05 . 2008-10-24 11:05 13774 ----a-w- d:\program files\Garena\config\locen.xml
2008-10-24 11:05 . 2008-10-24 11:05 14101 ----a-w- d:\program files\Garena\config\loccn.xml
2008-10-22 03:41 . 2008-10-22 03:41 375 ----a-w- d:\program files\Garena\deps\vww.gzp
2008-10-16 13:31 . 2008-10-16 13:31 106496 ----a-w- d:\program files\Garena\lib\HttpLayer.dll
2008-10-13 12:47 . 2008-10-13 12:47 512000 ----a-w- d:\program files\Garena\lib\PKCS.dll
2008-10-12 12:51 . 2008-10-12 12:51 100352 ----a-w- d:\program files\Garena\plugins\UI\GarenaTVRecUI.dll
2008-10-12 12:51 . 2008-10-12 12:51 88576 ----a-w- d:\program files\Garena\plugins\UI\GarenaTV.dll
2008-10-07 12:11 . 2008-10-07 12:11 824 ----a-w- d:\program files\Garena\layout\BlackShotView.layout
2008-10-06 05:47 . 2008-10-06 05:47 42496 ----a-w- d:\program files\Garena\plugins\UI\CafeLogin.dll
2008-10-05 12:21 . 2009-05-29 14:42 439 ----a-w- d:\program files\Garena\server.xml
2008-10-05 09:00 . 2008-10-05 09:00 222720 ----a-w- d:\program files\Garena\CS15Hook.dll
2008-10-03 15:23 . 2008-10-03 15:23 6660 ----a-w- d:\program files\Garena\shop\items\65.gif
2008-10-03 15:23 . 2008-10-03 15:23 6542 ----a-w- d:\program files\Garena\shop\items\66.gif
2008-10-03 15:23 . 2008-10-03 15:23 7793 ----a-w- d:\program files\Garena\shop\items\64.gif
2008-10-03 15:22 . 2008-10-03 15:22 7792 ----a-w- d:\program files\Garena\shop\items\63.gif
2008-10-03 15:22 . 2008-10-03 15:22 7843 ----a-w- d:\program files\Garena\shop\items\23.gif
2008-09-15 08:34 . 2008-09-15 08:34 425984 ----a-w- d:\program files\Garena\GarenaSkin.dll
2008-09-07 14:24 . 2008-09-07 14:24 729 ----a-w- d:\program files\Garena\Languages\update.exe.cn
2008-09-07 14:24 . 2008-09-07 14:24 735 ----a-w- d:\program files\Garena\Languages\update.exe.tw
2008-09-07 11:15 . 2008-09-07 11:15 9947 ----a-w- d:\program files\Garena\Languages\Garena.exe.th
2008-09-07 09:59 . 2008-09-07 09:59 33280 ----a-w- d:\program files\Garena\shop\items\Thumbs.db
2008-09-05 12:34 . 2008-09-05 12:34 65024 ----a-w- d:\program files\Garena\lib\WebCache.dll
2008-09-03 06:05 . 2008-09-03 06:05 3961 ----a-w- d:\program files\Garena\web\ggbackground.jpg
2008-09-02 13:27 . 2008-09-02 13:27 99 ----a-w- d:\program files\Garena\Skins.xml
2008-09-01 15:05 . 2008-09-01 15:05 151040 ----a-w- d:\program files\Garena\lib\NetworkLayer.dll
2008-09-01 14:51 . 2008-09-01 14:51 524288 ----a-w- d:\program files\Garena\update.exe
2008-09-01 08:13 . 2008-09-01 08:13 10856 ----a-w- d:\program files\Garena\GarenaTV\0.bmp
2008-09-01 08:07 . 2008-09-01 08:07 10854 ----a-w- d:\program files\Garena\GarenaTV\5.bmp
2008-09-01 08:07 . 2008-09-01 08:07 10854 ----a-w- d:\program files\Garena\GarenaTV\4.bmp
2008-09-01 08:07 . 2008-09-01 08:07 10854 ----a-w- d:\program files\Garena\GarenaTV\3.bmp
2008-09-01 08:06 . 2008-09-01 08:06 10854 ----a-w- d:\program files\Garena\GarenaTV\2.bmp
2008-09-01 08:06 . 2008-09-01 08:06 10854 ----a-w- d:\program files\Garena\GarenaTV\6.bmp
2008-09-01 08:05 . 2008-09-01 08:05 10854 ----a-w- d:\program files\Garena\GarenaTV\1.bmp
2008-09-01 07:47 . 2008-09-01 07:47 2074 ----a-w- d:\program files\Garena\GarenaTV\cn_s.ggz
2008-09-01 07:47 . 2008-09-01 07:47 1894 ----a-w- d:\program files\Garena\GarenaTV\en_s.ggz
2008-09-01 07:47 . 2008-09-01 07:47 2062 ----a-w- d:\program files\Garena\GarenaTV\tw_s.ggz
2008-09-01 06:39 . 2008-09-01 06:39 100352 ----a-w- d:\program files\Garena\War3Hook.dll
2008-08-05 11:35 . 2008-08-05 11:35 361 ----a-w- d:\program files\Garena\GarenaTV\id_s.ggz
2008-07-31 12:10 . 2008-07-31 12:10 4875 ----a-w- d:\program files\Garena\shop\items\22.gif
2008-07-31 12:10 . 2008-07-31 12:10 5208 ----a-w- d:\program files\Garena\shop\items\40.gif
2008-07-31 12:10 . 2008-07-31 12:10 5208 ----a-w- d:\program files\Garena\shop\items\61.gif
2008-07-31 12:09 . 2008-07-31 12:09 5361 ----a-w- d:\program files\Garena\shop\items\60.gif
2008-07-31 12:09 . 2008-07-31 12:09 6117 ----a-w- d:\program files\Garena\shop\items\21.gif
2008-07-31 12:07 . 2008-07-31 12:07 6069 ----a-w- d:\program files\Garena\shop\items\62.gif
2008-07-30 16:10 . 2008-07-30 16:10 5789 ----a-w- d:\program files\Garena\shop\items\1.gif
2008-07-30 16:10 . 2008-07-30 16:10 5789 ----a-w- d:\program files\Garena\shop\items\2.gif
2008-07-30 16:10 . 2008-07-30 16:10 5789 ----a-w- d:\program files\Garena\shop\items\3.gif
2008-07-30 16:10 . 2008-07-30 16:10 5789 ----a-w- d:\program files\Garena\shop\items\4.gif
2008-06-26 10:31 . 2008-06-26 10:31 69632 ----a-w- d:\program files\Garena\GarenaTVHook.dll
2008-06-25 21:10 . 2008-06-25 21:10 105984 ----a-w- d:\program files\Garena\SocketHook.dll
2008-06-05 05:59 . 2008-06-05 05:59 115060 ----a-w- d:\program files\Garena\GarenaTV\tw.ggz
2008-06-05 05:47 . 2008-06-05 05:47 86016 ----a-w- d:\program files\Garena\plugins\Game\WC3VC.dll
2008-06-03 13:29 . 2008-06-03 13:29 275456 ----a-w- d:\program files\Garena\Skin\Flags\Thumbs.db
2008-06-03 11:40 . 2008-06-03 11:40 731 ----a-w- d:\program files\Garena\Languages\update2.exe.cn
2008-06-03 11:40 . 2008-06-03 11:40 737 ----a-w- d:\program files\Garena\Languages\update2.exe.tw
2008-06-02 13:21 . 2008-06-02 13:21 7680 ----a-w- d:\program files\Garena\GarenaTV\Thumbs.db
2008-06-02 12:31 . 2008-06-02 12:31 238 ----a-w- d:\program files\Garena\Skin\Flags\rs.gif
2008-06-02 12:31 . 2008-06-02 12:31 238 ----a-w- d:\program files\Garena\Skin\Flags\me.gif
2008-05-30 09:40 . 2008-05-30 09:40 484 ----a-w- d:\program files\Garena\GarenaTV.xml
2008-05-30 09:38 . 2008-05-30 09:38 515 ----a-w- d:\program files\Garena\RecConfig.xml
2008-05-30 09:15 . 2008-05-30 09:15 111693 ----a-w- d:\program files\Garena\GarenaTV\cn.ggz
2008-05-30 09:02 . 2008-05-30 09:02 105776 ----a-w- d:\program files\Garena\GarenaTV\en.ggz
2008-05-14 04:21 . 2008-05-14 04:21 441705 ----a-w- d:\program files\Garena\sqlite3.dll
2008-05-04 09:30 . 2008-05-04 09:30 53248 ----a-w- d:\program files\Garena\Inject.dll
2007-08-21 13:08 . 2007-08-21 13:08 23558 ----a-w- d:\program files\Garena\GGICON.ico
2006-10-02 12:41 . 2006-10-02 12:41 28244 ----a-w- d:\program files\Garena\sound\quit.wav
2006-08-25 14:44 . 2006-08-25 14:44 89600 ----a-w- d:\program files\Garena\atl71.dll
2006-07-18 18:29 . 2006-07-18 18:29 27666 ----a-w- d:\program files\Garena\sound\ring.wav
2005-03-30 03:21 . 2005-03-30 03:21 14426 ----a-w- d:\program files\Garena\sound\msg.wav
2003-11-22 14:52 . 2003-11-22 14:52 14298 ----a-w- d:\program files\Garena\sound\nudge.wav
2003-06-23 15:39 . 2003-06-23 15:39 925 ----a-w- d:\program files\Garena\Skin\Flags\um.gif
2003-06-23 15:39 . 2003-06-23 15:39 863 ----a-w- d:\program files\Garena\Skin\Flags\tf.gif
2003-06-23 15:39 . 2003-06-23 15:39 871 ----a-w- d:\program files\Garena\Skin\Flags\sm.gif
2003-06-23 15:38 . 2003-06-23 15:38 863 ----a-w- d:\program files\Garena\Skin\Flags\re.gif
2003-06-23 15:38 . 2003-06-23 15:38 855 ----a-w- d:\program files\Garena\Skin\Flags\pw.gif
2003-06-23 15:38 . 2003-06-23 15:38 961 ----a-w- d:\program files\Garena\Skin\Flags\mq.gif
2003-06-23 15:38 . 2003-06-23 15:38 968 ----a-w- d:\program files\Garena\Skin\Flags\mh.gif
2003-06-23 15:37 . 2003-06-23 15:37 925 ----a-w- d:\program files\Garena\Skin\Flags\ls.gif
2003-06-23 15:37 . 2003-06-23 15:37 1070 ----a-w- d:\program files\Garena\Skin\Flags\io.gif
2003-06-23 15:37 . 2003-06-23 15:37 937 ----a-w- d:\program files\Garena\Skin\Flags\hm.gif
2003-06-23 15:36 . 2003-06-23 15:36 911 ----a-w- d:\program files\Garena\Skin\Flags\fm.gif
2003-06-23 15:36 . 2003-06-23 15:36 926 ----a-w- d:\program files\Garena\Skin\Flags\fk.gif
2003-06-23 15:36 . 2003-06-23 15:36 934 ----a-w- d:\program files\Garena\Skin\Flags\bv.gif
2003-06-23 15:35 . 2003-06-23 15:35 1050 ----a-w- d:\program files\Garena\Skin\Flags\as.gif
2003-06-23 15:35 . 2003-06-23 15:35 990 ----a-w- d:\program files\Garena\Skin\Flags\aq.gif
2003-06-23 15:34 . 2003-06-23 15:34 967 ----a-w- d:\program files\Garena\Skin\Flags\ai.gif
2003-06-23 15:33 . 2003-06-23 15:33 936 ----a-w- d:\program files\Garena\Skin\Flags\do.gif
2003-06-23 15:31 . 2003-06-23 15:31 919 ----a-w- d:\program files\Garena\Skin\Flags\mm.gif
2003-06-23 15:30 . 2003-06-23 15:30 907 ----a-w- d:\program files\Garena\Skin\Flags\tj.gif
2003-06-23 15:30 . 2003-06-23 15:30 893 ----a-w- d:\program files\Garena\Skin\Flags\la.gif
2003-06-23 15:30 . 2003-06-23 15:30 908 ----a-w- d:\program files\Garena\Skin\Flags\cd.gif
2003-06-23 15:30 . 2003-06-23 15:30 929 ----a-w- d:\program files\Garena\Skin\Flags\gq.gif
2003-06-23 15:30 . 2003-06-23 15:30 946 ----a-w- d:\program files\Garena\Skin\Flags\st.gif
2003-06-23 15:29 . 2003-06-23 15:29 923 ----a-w- d:\program files\Garena\Skin\Flags\sn.gif
2003-06-23 15:29 . 2003-06-23 15:29 920 ----a-w- d:\program files\Garena\Skin\Flags\uz.gif
2003-06-23 15:29 . 2003-06-23 15:29 897 ----a-w- d:\program files\Garena\Skin\Flags\li.gif
2003-06-23 15:29 . 2003-06-23 15:29 915 ----a-w- d:\program files\Garena\Skin\Flags\dj.gif
2003-06-23 15:29 . 2003-06-23 15:29 913 ----a-w- d:\program files\Garena\Skin\Flags\gw.gif
2003-06-23 15:28 . 2003-06-23 15:28 949 ----a-w- d:\program files\Garena\Skin\Flags\ag.gif
2003-06-23 15:28 . 2003-06-23 15:28 947 ----a-w- d:\program files\Garena\Skin\Flags\pg.gif
2003-06-23 15:28 . 2003-06-23 15:28 914 ----a-w- d:\program files\Garena\Skin\Flags\mv.gif
2003-06-23 15:27 . 2003-06-23 15:27 901 ----a-w- d:\program files\Garena\Skin\Flags\sv.gif
2003-06-23 15:26 . 2003-06-23 15:26 898 ----a-w- d:\program files\Garena\Skin\Flags\ae.gif
2003-06-23 15:26 . 2003-06-23 15:26 892 ----a-w- d:\program files\Garena\Skin\Flags\mu.gif
2003-06-23 15:26 . 2003-06-23 15:26 896 ----a-w- d:\program files\Garena\Skin\Flags\hn.gif
2003-06-23 15:26 . 2003-06-23 15:26 897 ----a-w- d:\program files\Garena\Skin\Flags\mr.gif
2003-06-23 15:25 . 2003-06-23 15:25 904 ----a-w- d:\program files\Garena\Skin\Flags\ne.gif
2003-06-23 15:25 . 2003-06-23 15:25 902 ----a-w- d:\program files\Garena\Skin\Flags\td.gif
2003-06-23 15:24 . 2003-06-23 15:24 915 ----a-w- d:\program files\Garena\Skin\Flags\kw.gif
2003-06-23 15:24 . 2003-06-23 15:24 902 ----a-w- d:\program files\Garena\Skin\Flags\gn.gif
2003-06-23 15:24 . 2003-06-23 15:24 893 ----a-w- d:\program files\Garena\Skin\Flags\mw.gif
2003-06-23 15:24 . 2003-06-23 15:24 902 ----a-w- d:\program files\Garena\Skin\Flags\ml.gif
2003-06-23 15:24 . 2003-06-23 15:24 901 ----a-w- d:\program files\Garena\Skin\Flags\ni.gif
2003-06-23 15:24 . 2003-06-23 15:24 917 ----a-w- d:\program files\Garena\Skin\Flags\lr.gif
2003-06-23 15:23 . 2003-06-23 15:23 911 ----a-w- d:\program files\Garena\Skin\Flags\gh.gif
2003-06-23 15:23 . 2003-06-23 15:23 897 ----a-w- d:\program files\Garena\Skin\Flags\gm.gif
2003-06-23 15:21 . 2003-06-23 15:21 971 ----a-w- d:\program files\Garena\Skin\Flags\kn.gif
2003-06-23 15:21 . 2003-06-23 15:21 992 ----a-w- d:\program files\Garena\Skin\Flags\uk.gif
2003-06-23 15:20 . 2003-06-23 15:20 977 ----a-w- d:\program files\Garena\Skin\Flags\sc.gif
2003-06-23 15:20 . 2003-06-23 15:20 929 ----a-w- d:\program files\Garena\Skin\Flags\rw.gif
2003-06-23 15:20 . 2003-06-23 15:20 947 ----a-w- d:\program files\Garena\Skin\Flags\ad.gif
2003-06-23 15:20 . 2003-06-23 15:20 959 ----a-w- d:\program files\Garena\Skin\Flags\gd.gif
2003-06-23 15:19 . 2003-06-23 15:19 960 ----a-w- d:\program files\Garena\Skin\Flags\dm.gif
2003-06-23 15:19 . 2003-06-23 15:19 940 ----a-w- d:\program files\Garena\Skin\Flags\km.gif
2003-06-23 15:19 . 2003-06-23 15:19 927 ----a-w- d:\program files\Garena\Skin\Flags\tm.gif
2003-06-23 15:10 . 2003-06-23 15:10 938 ----a-w- d:\program files\Garena\Skin\Flags\vc.gif
2003-06-23 15:09 . 2003-06-23 15:09 964 ----a-w- d:\program files\Garena\Skin\Flags\vu.gif
2003-06-23 15:09 . 2003-06-23 15:09 924 ----a-w- d:\program files\Garena\Skin\Flags\zr.gif
2003-06-23 15:08 . 2003-06-23 15:08 926 ----a-w- d:\program files\Garena\Skin\Flags\zm.gif
2003-06-23 15:08 . 2003-06-23 15:08 898 ----a-w- d:\program files\Garena\Skin\Flags\ng.gif
2003-03-27 21:14 . 2003-03-27 21:14 902 ----a-w- d:\program files\Garena\Skin\Flags\ps.gif
2003-03-27 21:10 . 2003-03-27 21:10 900 ----a-w- d:\program files\Garena\Skin\Flags\eu.gif
2003-03-24 19:21 . 2003-03-24 19:21 807 ----a-w- d:\program files\Garena\Skin\Flags\-.gif
2003-02-14 00:31 . 2003-02-14 00:31 924 ----a-w- d:\program files\Garena\Skin\Flags\sz.gif
2003-02-14 00:30 . 2003-02-14 00:30 971 ----a-w- d:\program files\Garena\Skin\Flags\mk.gif
2003-02-14 00:29 . 2003-02-14 00:29 937 ----a-w- d:\program files\Garena\Skin\Flags\je.gif
2003-02-14 00:29 . 2003-02-14 00:29 862 ----a-w- d:\program files\Garena\Skin\Flags\im.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\zw.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\yu.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\za.gif
2003-02-07 15:07 . 2003-02-07 15:07 994 ----a-w- d:\program files\Garena\Skin\Flags\ws.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\ye.gif
2003-02-07 15:07 . 2003-02-07 15:07 999 ----a-w- d:\program files\Garena\Skin\Flags\vn.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\vi.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\ve.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\vg.gif
2003-02-07 15:07 . 2003-02-07 15:07 1004 ----a-w- d:\program files\Garena\Skin\Flags\va.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\uy.gif
2003-02-07 15:07 . 2003-02-07 15:07 1006 ----a-w- d:\program files\Garena\Skin\Flags\us.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\ua.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\ug.gif
2003-02-07 15:06 . 2003-02-07 15:06 587 ----a-w- d:\program files\Garena\Skin\Flags\tw.gif
2003-02-07 15:06 . 2003-02-07 15:06 1005 ----a-w- d:\program files\Garena\Skin\Flags\tz.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\tt.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\tv.gif
2003-02-07 15:06 . 2003-02-07 15:06 995 ----a-w- d:\program files\Garena\Skin\Flags\tr.gif
2003-02-07 15:06 . 2003-02-07 15:06 591 ----a-w- d:\program files\Garena\Skin\Flags\to.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\tp.gif
2003-02-07 15:06 . 2003-02-07 15:06 1005 ----a-w- d:\program files\Garena\Skin\Flags\tn.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\th.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\tg.gif
2003-02-07 15:06 . 2003-02-07 15:06 907 ----a-w- d:\program files\Garena\Skin\Flags\sy.gif
2003-02-07 15:06 . 2003-02-07 15:06 1004 ----a-w- d:\program files\Garena\Skin\Flags\tc.gif
2003-02-07 15:06 . 2003-02-07 15:06 998 ----a-w- d:\program files\Garena\Skin\Flags\so.gif
2003-02-07 15:06 . 2003-02-07 15:06 842 ----a-w- d:\program files\Garena\Skin\Flags\sr.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\sk.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\sl.gif
2003-02-07 15:06 . 2003-02-07 15:06 1005 ----a-w- d:\program files\Garena\Skin\Flags\sg.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\si.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\se.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\sd.gif
2003-02-07 15:06 . 2003-02-07 15:06 1004 ----a-w- d:\program files\Garena\Skin\Flags\sa.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\sb.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\ru.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\ro.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\py.gif
2003-02-07 15:06 . 2003-02-07 15:06 596 ----a-w- d:\program files\Garena\Skin\Flags\qa.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pr.gif
2003-02-07 15:06 . 2003-02-07 15:06 1000 ----a-w- d:\program files\Garena\Skin\Flags\pt.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pl.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pm.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\ph.gif
2003-02-07 15:06 . 2003-02-07 15:06 1004 ----a-w- d:\program files\Garena\Skin\Flags\pk.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pf.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pe.gif
2003-02-07 15:06 . 2003-02-07 15:06 1005 ----a-w- d:\program files\Garena\Skin\Flags\nz.gif
2003-02-07 15:06 . 2003-02-07 15:06 1004 ----a-w- d:\program files\Garena\Skin\Flags\om.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\pa.gif
2003-02-07 15:06 . 2003-02-07 15:06 1003 ----a-w- d:\program files\Garena\Skin\Flags\nr.gif
2003-02-07 15:06 . 2003-02-07 15:06 1004 ----a-w- d:\program files\Garena\Skin\Flags\no.gif
2003-02-07 15:06 . 2003-02-07 15:06 563 ----a-w- d:\program files\Garena\Skin\Flags\np.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\nl.gif
2003-02-07 15:06 . 2003-02-07 15:06 1006 ----a-w- d:\program files\Garena\Skin\Flags\nf.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\nc.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\mz.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\na.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\my.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\mx.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\ms.gif
2003-02-07 15:05 . 2003-02-07 15:05 855 ----a-w- d:\program files\Garena\Skin\Flags\mt.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\mp.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\mn.gif
2003-02-07 15:05 . 2003-02-07 15:05 1005 ----a-w- d:\program files\Garena\Skin\Flags\mo.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\md.gif
2003-02-07 15:05 . 2003-02-07 15:05 1005 ----a-w- d:\program files\Garena\Skin\Flags\mg.gif
2003-02-07 15:05 . 2003-02-07 15:05 1139 ----a-w- d:\program files\Garena\Skin\Flags\ma.gif
2003-02-07 15:05 . 2003-02-07 15:05 1005 ----a-w- d:\program files\Garena\Skin\Flags\mc.gif
2003-02-07 15:05 . 2003-02-07 15:05 999 ----a-w- d:\program files\Garena\Skin\Flags\lv.gif
2003-02-07 15:05 . 2003-02-07 15:05 576 ----a-w- d:\program files\Garena\Skin\Flags\ly.gif
2003-02-07 15:05 . 2003-02-07 15:05 631 ----a-w- d:\program files\Garena\Skin\Flags\lt.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\lu.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\lk.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\lb.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\lc.gif
2003-02-07 15:05 . 2003-02-07 15:05 1004 ----a-w- d:\program files\Garena\Skin\Flags\kz.gif
2003-02-07 15:05 . 2003-02-07 15:05 1005 ----a-w- d:\program files\Garena\Skin\Flags\ky.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\kp.gif
2003-02-07 15:05 . 2003-02-07 15:05 1004 ----a-w- d:\program files\Garena\Skin\Flags\kr.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\kh.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\ki.gif
2003-02-07 15:05 . 2003-02-07 15:05 1004 ----a-w- d:\program files\Garena\Skin\Flags\kg.gif
2003-02-07 15:05 . 2003-02-07 15:05 596 ----a-w- d:\program files\Garena\Skin\Flags\jp.gif
2003-02-07 15:05 . 2003-02-07 15:05 1003 ----a-w- d:\program files\Garena\Skin\Flags\ke.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\jm.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\jo.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\is.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\it.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\iq.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\ir.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\in.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\ie.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\il.gif
2003-02-07 15:05 . 2003-02-07 15:05 1006 ----a-w- d:\program files\Garena\Skin\Flags\hu.gif
2003-02-07 15:05 . 2003-02-07 15:05 1005 ----a-w- d:\program files\Garena\Skin\Flags\id.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\hr.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ht.gif
2003-02-07 15:04 . 2003-02-07 15:04 1005 ----a-w- d:\program files\Garena\Skin\Flags\hk.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\gy.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\gu.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\gt.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\gr.gif
2003-02-07 15:04 . 2003-02-07 15:04 997 ----a-w- d:\program files\Garena\Skin\Flags\gp.gif
2003-02-07 15:04 . 2003-02-07 15:04 1004 ----a-w- d:\program files\Garena\Skin\Flags\gi.gif
2003-02-07 15:04 . 2003-02-07 15:04 1003 ----a-w- d:\program files\Garena\Skin\Flags\gl.gif
2003-02-07 15:04 . 2003-02-07 15:04 581 ----a-w- d:\program files\Garena\Skin\Flags\ge.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\gb.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ga.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\fo.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\fr.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\fx.gif
2003-02-07 15:04 . 2003-02-07 15:04 1004 ----a-w- d:\program files\Garena\Skin\Flags\fi.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\fj.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\es.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\et.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\eg.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\er.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ee.gif
2003-02-07 15:04 . 2003-02-07 15:04 1001 ----a-w- d:\program files\Garena\Skin\Flags\dz.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ec.gif
2003-02-07 15:04 . 2003-02-07 15:04 1001 ----a-w- d:\program files\Garena\Skin\Flags\dk.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cz.gif
2003-02-07 15:04 . 2003-02-07 15:04 1003 ----a-w- d:\program files\Garena\Skin\Flags\de.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cv.gif
2003-02-07 15:04 . 2003-02-07 15:04 1005 ----a-w- d:\program files\Garena\Skin\Flags\cy.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cu.gif
2003-02-07 15:04 . 2003-02-07 15:04 999 ----a-w- d:\program files\Garena\Skin\Flags\co.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cr.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cm.gif
2003-02-07 15:04 . 2003-02-07 15:04 579 ----a-w- d:\program files\Garena\Skin\Flags\cn.gif
2003-02-07 15:04 . 2003-02-07 15:04 211 ----a-w- d:\program files\Garena\Skin\Flags\cl.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ci.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\ck.gif
2003-02-07 15:04 . 2003-02-07 15:04 1001 ----a-w- d:\program files\Garena\Skin\Flags\cg.gif
2003-02-07 15:04 . 2003-02-07 15:04 998 ----a-w- d:\program files\Garena\Skin\Flags\ch.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\cf.gif
2003-02-07 15:04 . 2003-02-07 15:04 1006 ----a-w- d:\program files\Garena\Skin\Flags\bz.gif
2003-02-07 15:04 . 2003-02-07 15:04 1005 ----a-w- d:\program files\Garena\Skin\Flags\ca.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\by.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bt.gif
2003-02-07 15:03 . 2003-02-07 15:03 999 ----a-w- d:\program files\Garena\Skin\Flags\bw.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\br.gif
2003-02-07 15:03 . 2003-02-07 15:03 1004 ----a-w- d:\program files\Garena\Skin\Flags\bs.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bn.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bo.gif
2003-02-07 15:03 . 2003-02-07 15:03 1005 ----a-w- d:\program files\Garena\Skin\Flags\bj.gif
2003-02-07 15:03 . 2003-02-07 15:03 1000 ----a-w- d:\program files\Garena\Skin\Flags\bm.gif
2003-02-07 15:03 . 2003-02-07 15:03 998 ----a-w- d:\program files\Garena\Skin\Flags\bh.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bi.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bg.gif
2003-02-07 15:03 . 2003-02-07 15:03 1003 ----a-w- d:\program files\Garena\Skin\Flags\be.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bf.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\bb.gif
2003-02-07 15:03 . 2003-02-07 15:03 1005 ----a-w- d:\program files\Garena\Skin\Flags\bd.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\az.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\ba.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\au.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\aw.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\ar.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\at.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\an.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\ao.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\am.gif
2003-02-07 15:03 . 2003-02-07 15:03 1005 ----a-w- d:\program files\Garena\Skin\Flags\al.gif
2003-02-07 15:03 . 2003-02-07 15:03 1006 ----a-w- d:\program files\Garena\Skin\Flags\af.gif
2002-05-31 07:24 . 2002-05-31 07:24 9156 ----a-w- d:\program files\Garena\sound\folder.wav
1998-03-26 00:00 . 1998-03-26 00:00 19260 ----a-w- d:\program files\Garena\sound\sysmsg.wav
1998-03-25 16:00 . 1998-03-25 16:00 61292 ----a-w- d:\program files\Garena\sound\game.wav

---- Directory of d:\program files\IDoser v4 ----

2009-05-28 19:17 . 2009-05-28 19:28 394 ----a-w- d:\program files\IDoser v4\temp.xqp
2009-05-28 19:15 . 2009-05-28 19:15 77705 ----a-w- d:\program files\IDoser v4\Uninstal.exe
2007-04-25 03:22 . 2007-04-24 19:49 920446 ----a-w- d:\program files\IDoser v4\I-Doser Tutorial.swf
2007-04-25 03:22 . 2007-03-13 19:20 1198 ----a-w- d:\program files\IDoser v4\Tutorial.htm
2007-04-25 03:09 . 2007-04-28 19:04 182 ----a-w- d:\program files\IDoser v4\I-Doser Tutorial.url
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Titanium_up.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Titanium_over.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Titanium_disabled.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Titanium_down.bmp
2007-04-25 02:31 . 2004-05-07 21:18 5238 ----a-w- d:\program files\IDoser v4\Skins\Buttons\SteelRain_up.bmp
2007-04-25 02:31 . 2004-05-07 21:18 5238 ----a-w- d:\program files\IDoser v4\Skins\Buttons\SteelRain_down.bmp
2007-04-25 02:31 . 2004-05-07 21:18 5238 ----a-w- d:\program files\IDoser v4\Skins\Buttons\SteelRain_over.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Default_up.bmp
2007-04-25 02:31 . 2004-05-07 21:18 5238 ----a-w- d:\program files\IDoser v4\Skins\Buttons\SteelRain_disabled.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Default_over.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\Default_disabled.bmp
2007-04-25 02:31 . 2004-05-07 21:18 2806 ----a-w- d:\program files\IDoser v4\Skins\Buttons\default_down.bmp
2007-04-25 02:31 . 2004-05-07 21:19 6778 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Panel.bmp
2007-04-25 02:31 . 2004-05-07 21:19 3510 ----a-w- d:\program files\IDoser v4\Skins\Default\img_ToolbarBtns.bmp
2007-04-25 02:31 . 2004-05-07 21:19 13110 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Caption_Left.bmp
2007-04-25 02:31 . 2004-05-07 21:19 13878 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Caption_Right.bmp
2007-04-25 02:31 . 2004-05-07 21:19 33462 ----a-w- d:\program files\IDoser v4\Skins\Default\img_ChannelBar.bmp
2007-04-25 02:31 . 2004-05-07 21:19 24534 ----a-w- d:\program files\IDoser v4\Skins\Default\img_ListObject.bmp
2007-04-25 02:31 . 2004-05-07 21:19 1099 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Button_Close.gif
2007-04-25 02:31 . 2004-05-07 21:19 1094 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Button_Maximize.gif
2007-04-25 02:31 . 2004-05-07 21:18 1107 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Button_Minimize.gif
2007-04-25 02:31 . 2004-05-07 21:19 1096 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Button_Restore.gif
2007-04-25 02:31 . 2004-05-07 21:15 7350 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Caption_Center.bmp
2007-04-25 02:31 . 2004-05-07 21:19 1598 ----a-w- d:\program files\IDoser v4\Skins\Default\img_Borders.bmp
2007-04-25 02:31 . 2004-05-07 21:19 7990 ----a-w- d:\program files\IDoser v4\Skins\Default\img_buttons.bmp
2007-04-25 02:31 . 2004-05-07 21:19 3510 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_ToolbarBtns.bmp
2007-04-25 02:31 . 2004-05-07 21:19 3702 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Caption_Left.bmp
2007-04-25 02:31 . 2004-05-07 21:19 13878 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Caption_Right.bmp
2007-04-25 02:31 . 2004-05-07 21:19 33462 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_ChannelBar.bmp
2007-04-25 02:31 . 2004-05-07 21:19 24534 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_ListObject.bmp
2007-04-25 02:31 . 2004-05-07 21:19 17154 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Panel.bmp
2007-04-25 02:31 . 2004-05-07 21:20 20790 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_buttons.bmp
2007-04-25 02:31 . 2004-05-07 21:20 868 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Button_Close.gif
2007-04-25 02:31 . 2004-05-07 21:20 886 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Button_Maximize.gif
2007-04-25 02:31 . 2004-05-07 21:19 853 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Button_Minimize.gif
2007-04-25 02:31 . 2004-05-07 21:19 899 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Button_Restore.gif
2007-04-25 02:31 . 2004-05-07 21:19 7350 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Caption_Center.bmp
2007-04-25 02:31 . 2004-05-07 21:19 1574 ----a-w- d:\program files\IDoser v4\Skins\SteelRain\img_Borders.bmp
2007-04-25 02:31 . 2004-05-07 21:20 6778 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Panel.bmp
2007-04-25 02:31 . 2004-05-07 21:20 3510 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_ToolbarBtns.bmp
2007-04-25 02:31 . 2004-05-07 21:20 33462 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_ChannelBar.bmp
2007-04-25 02:31 . 2004-05-07 21:20 24534 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_ListObject.bmp
2007-04-25 02:31 . 2004-05-07 21:20 1062 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Button_Maximize.gif
2007-04-25 02:31 . 2004-05-07 21:20 1052 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Button_Minimize.gif
2007-04-25 02:31 . 2004-05-07 21:15 1065 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Button_Restore.gif
2007-04-25 02:31 . 2004-05-07 21:20 7350 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Caption_Center.bmp
2007-04-25 02:31 . 2004-05-07 21:20 11574 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Caption_Left.bmp
2007-04-25 02:31 . 2004-05-07 21:20 13878 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Caption_Right.bmp
2007-04-25 02:31 . 2004-05-07 21:20 7604 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_buttons.bmp
2007-04-25 02:31 . 2004-05-07 21:20 1070 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Button_Close.gif
2007-04-25 02:31 . 2004-05-07 21:20 1598 ----a-w- d:\program files\IDoser v4\Skins\Titanium\img_Borders.bmp
2007-04-25 02:31 . 2007-04-25 02:59 243 ----a-w- d:\program files\IDoser v4\Visit I-Doser.com.url
2007-04-25 02:31 . 2007-03-17 16:46 614400 ----a-w- d:\program files\IDoser v4\s1.dll
2007-04-25 02:31 . 2004-05-25 11:05 3638 ----a-w- d:\program files\IDoser v4\IDoser.ico
2007-04-25 02:31 . 2007-04-29 15:10 430159 ----a-w- d:\program files\IDoser v4\IDoser.exe
2007-04-25 02:31 . 2007-04-25 02:59 201 ----a-w- d:\program files\IDoser v4\I-Doser.com Store.url
2005-04-22 18:05 . 2005-04-22 18:05 1150 ----a-w- d:\program files\IDoser v4\IDoserAlt.ico


((((((((((((((((((((((((((((( SnapShot@2009-06-14_20.17.49 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-06-14 20:17 . 2009-06-14 20:17 40960 d:\windows.0\Temp\rtdrvmon.exe
+ 2009-06-15 14:41 . 2009-06-15 14:41 40960 d:\windows.0\temp\rtdrvmon.exe
+ 2009-06-15 14:40 . 2009-06-15 14:40 16384 d:\windows.0\temp\Perflib_Perfdata_5f8.dat
+ 2001-10-25 12:00 . 2009-06-14 20:21 67312 d:\windows.0\system32\perfc009.dat
- 2001-10-25 12:00 . 2009-06-03 14:18 67312 d:\windows.0\system32\perfc009.dat
+ 2001-10-25 12:00 . 2009-06-14 20:21 432356 d:\windows.0\system32\perfh009.dat
- 2001-10-25 12:00 . 2009-06-03 14:18 432356 d:\windows.0\system32\perfh009.dat
.

[nemesis92]

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows.0\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="d:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="d:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"AlcoholAutomount"="d:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="d:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"Lexmark X1100 Series"="d:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"NBKeyScan"="d:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"WinampAgent"="c:\programy\Winamp\winampa.exe" [2009-03-09 37888]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Ad-Watch"="d:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-14 518488]
"BluetoothAuthenticationAgent"="bthprops.cpl" - d:\windows.0\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows.0\System32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\Miçko\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CCC.lnk - d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLI.exe [2008-12-18 49152]
ESET NOD32 Antivirus.lnk - d:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2009-2-6 2021400]
OpenOffice.org 3.0.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

d:\documents and settings\Gabi\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ESET NOD32 Antivirus.lnk - d:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2009-2-6 2021400]
OpenOffice.org 3.0.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

d:\documents and settings\Hynek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ESET NOD32 Antivirus.lnk - d:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2009-2-6 2021400]
OpenOffice.org 3.0.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]

d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ESET NOD32 Antivirus.lnk - d:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2009-2-6 2021400]
Mˇstnˇ vyhled v nˇ.lnk - d:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "d:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS.0\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Hyneček\\Plocha\\utorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 Lbd;Lbd;d:\windows.0\system32\drivers\Lbd.sys [14.6.2009 9:54 64160]
R1 ehdrv;ehdrv;d:\windows.0\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;d:\windows.0\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 ekrn;ESET Service;d:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\program files\Lavasoft\Ad-Aware\AAWService.exe [19.1.2009 16:35 1005904]
.
.
------- Doplňkový sken -------
.
TCP: {55F521E9-4794-4B8D-BBBB-FE698B353EB2} = 62.129.50.20,85.135.32.100
FF - ProfilePath -

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-15 16:41
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(596)
d:\windows.0\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows.0\system32\ati2evxx.exe
d:\windows.0\system32\ati2evxx.exe
d:\windows.0\system32\LEXBCES.EXE
d:\windows.0\system32\LEXPPS.EXE
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
d:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
d:\windows.0\system32\searchindexer.exe
d:\windows.0\system32\wbem\unsecapp.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\program files\Lexmark X1100 Series\lxbkbmon.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
d:\windows.0\system32\rundll32.exe
d:\program files\Common Files\Nero\Lib\NMIndexingService.exe
d:\windows.0\system32\searchprotocolhost.exe
d:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
d:\windows.0\system32\taskmgr.exe
d:\windows.0\system32\searchfilterhost.exe
.
**************************************************************************
.
Celkový čas: 2009-06-15 16:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-15 14:47
ComboFix2.txt 2009-06-15 05:00
ComboFix3.txt 2009-06-14 21:10
ComboFix4.txt 2009-06-14 20:24

Před spuštěním: 2 715 688 960
Po spuštění: 2 695 409 664

753 --- E O F --- 2009-06-10 12:23


log z Combofixu ma vic nez 60 000 znaku tak sem to musel rozdelit

[nemesis92]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:14, on 15.6.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
D:\WINDOWS.0\System32\smss.exe
D:\WINDOWS.0\system32\winlogon.exe
D:\WINDOWS.0\system32\services.exe
D:\WINDOWS.0\system32\lsass.exe
D:\WINDOWS.0\system32\Ati2evxx.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\System32\svchost.exe
D:\WINDOWS.0\system32\svchost.exe
D:\WINDOWS.0\system32\Ati2evxx.exe
D:\WINDOWS.0\system32\LEXBCES.EXE
D:\WINDOWS.0\system32\LEXPPS.EXE
D:\WINDOWS.0\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
D:\WINDOWS.0\System32\svchost.exe
D:\WINDOWS.0\system32\SearchIndexer.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
D:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\WINDOWS.0\system32\rundll32.exe
D:\WINDOWS.0\system32\ctfmon.exe
D:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
D:\Program Files\Windows Desktop Search\WindowsSearch.exe
D:\WINDOWS.0\system32\SearchProtocolHost.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
D:\WINDOWS.0\system32\taskmgr.exe
D:\DOCUME~1\Hynek\LOCALS~1\Temp\Rar$EX02.907\HijackThis.exe
D:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\PROGRAMY\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Ad-Watch] D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS.0\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS.0\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ESET NOD32 Antivirus.lnk = D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - Startup: OpenOffice.org 3.0.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: ESET NOD32 Antivirus.lnk = D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - Global Startup: Místní vyhledávání.lnk = D:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8786884449
O17 - HKLM\System\CCS\Services\Tcpip\..\{55F521E9-4794-4B8D-BBBB-FE698B353EB2}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS.0\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS.0\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS.0\system32\LEXBCES.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6673 bytes

Log z HIjack..este skontroluju ty soubory

[nemesis92]

http://www.virustotal.com/cs/analisis/6 ... 1244956164

http://www.virustotal.com/cs/analisis/b ... 1238873233

http://www.virustotal.com/cs/analisis/c ... 1240940342

tak todle sou odkazy z virustotalu

[Damned]

Ten userinit ještě jednou a cygwin1 taky. Pokud ti nabídne možnost, že už byl soubor kontrolován, zkontroluj znova.
Potřebuju znát tvé soubory.

[nemesis92]

http://www.virustotal.com/cs/analisis/c ... 1245078897

http://www.virustotal.com/cs/analisis/6 ... 1245078908

tak tu sou ty další dva testy:-D

[Damned]

Kolik tam máš účtů? Zkusíme vypnout toho NODa.

Spusť HJT, vypni prohlížeče, odpoj se od internetu a fixni (zatrhnout políčko před hodnotou zmáčknout
"Fix checked"):

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
****************************************************************************************************************************************
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad
a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

sc config ESET Service start= disabled
sc config ekrn start= disable
sc stop ekrn
sc stop ESET Service

ulož si ho na plochu jako-název remove.bat a ulož ho jako typ
všechny soubory , najdi na ploše tento soubor , spusť ho poklepáním.
Otevře se Dosovské okno a zavře. Spusť HJT a podívej se zda tam máš ty hodnoty ESET (O23).
Pokud ano, restartuj comp.
Pokud ne tak(a po případném restartu):
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

File::
d:\windows.0\ativpsrm.bin
d:\windows.0\Temp\rtdrvmon.exe
d:\windows.0\temp\rtdrvmon.exe
d:\windows.0\system32\cygz.dll
d:\windows.0\cygz.dll

Folder::
d:\program files\Conduit




Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[Danator]

Divné ..... něco přestalo fungovat reinstall windows

[nemesis92]

takže pokud nezabere tohle... tak už to mužu rovnou reinstalovat jo?..