prosim o kontrolu logu
Napsal: 17 lis 2012 01:28
Dobrý den,
dostávám totální sadu! Můj account na blizzardu hacknut pred mesicem, resil jsem to tady. Vsechno jsme vycistili. Dneska ranov 00:04 opet snaha o zmenu meho hesla na blizzardu? Jak???? Zmenil jsem heslo na me poste (emailu) na blizzardu taktez. Prijdu domu z hospody a totez.....opet utok a snaha o likvidaci meho uctu na blizzardu!!!!!!!!!! Kurva nekdo se mi sakra a dobre hrabe v kompu!!! Sleduje kazde heslo co napisu o tom neni pochyb! Mam Strach! Prosim o pomoc...davam log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Nasgharet at 2012-11-17 01:18:26
Microsoft Windows 7 Home Premium
System drive C: has 31 GB (31%) free of 100 GB
Total RAM: 4095 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:18:30, on 17.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe
C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
D:\---Download---\RSIT.exe
C:\Program Files (x86)\trend micro\Nasgharet.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9269 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Nasgharet\AppData\Roaming\Mozilla\Firefox\Profiles\1kc8j041.default-1348185830213
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-05 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-05 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Aeria Ignite"=C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [2012-09-10 1411224]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-15 2254768]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ICQ"=C:\Program Files (x86)\ICQ7M\ICQ.exe [2012-09-05 127040]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-10-18 1353080]
"AppVodBurner"=C:\Program Files (x86)\VodBurner\vodburner.exe [2012-10-22 4688896]
"Akamai NetSession Interface"=C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-20 16:54:04 ----A---- C:\Windows\SysWOW64\npptNT2.sys
2012-12-20 16:41:25 ----D---- C:\Users\Nasgharet\AppData\Roaming\InstallShield
2012-11-17 01:18:26 ----D---- C:\Program Files (x86)\trend micro
2012-11-16 23:51:03 ----D---- C:\Windows\SysWOW64\directx
2012-11-16 14:59:16 ----D---- C:\Users\Nasgharet\AppData\Roaming\Nero
2012-11-16 14:51:25 ----A---- C:\Windows\Irremote.ini
2012-11-16 14:50:17 ----D---- C:\ProgramData\Nero
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Nero
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Common Files\Nero
2012-11-16 14:42:19 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-16 08:11:55 ----D---- C:\ProgramData\Aeria Games
2012-11-16 08:08:22 ----SHD---- C:\Windows\SysWOW64\AI_RecycleBin
2012-11-16 08:08:22 ----D---- C:\Program Files (x86)\Aeria Games
2012-11-16 01:11:14 ----D---- C:\AeriaGames
2012-11-07 10:02:36 ----D---- C:\Program Files (x86)\PokerStars.BE
2012-11-07 09:48:00 ----D---- C:\Program Files (x86)\Full Tilt Poker
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-11-01 08:41:45 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-11-01 08:41:45 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-11-01 08:41:41 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2012-11-01 08:41:40 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-11-01 08:41:39 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-11-01 08:41:38 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-11-01 08:41:38 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-11-01 08:41:37 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-11-01 08:41:37 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2012-11-01 08:41:36 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2012-11-01 08:41:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-11-01 08:41:27 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-11-01 08:41:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-11-01 08:41:25 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-11-01 08:41:25 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-11-01 08:41:24 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-11-01 08:41:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-11-01 08:41:23 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-11-01 08:41:23 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-11-01 08:41:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-11-01 08:41:18 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-11-01 08:41:17 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-11-01 08:41:17 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2012-11-01 08:41:15 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-11-01 08:41:08 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-11-01 08:41:07 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-11-01 08:41:07 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-11-01 08:41:06 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-11-01 08:41:06 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-11-01 08:41:05 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-11-01 08:41:04 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-10-30 16:07:15 ----D---- C:\Users\Nasgharet\AppData\Roaming\Sun
2012-10-25 15:10:42 ----D---- C:\Program Files (x86)\VodBurner
2012-10-18 22:34:46 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-10-18 22:34:45 ----D---- C:\Program Files (x86)\Steam
2012-10-18 10:01:15 ----D---- C:\Users\Nasgharet\AppData\Roaming\.minecraft
2012-10-18 09:37:10 ----D---- C:\Users\Nasgharet\AppData\Roaming\.techniclauncher
======List of files/folders modified in the last 1 month======
2012-12-20 16:42:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-20 16:02:29 ----SD---- C:\Users\Nasgharet\AppData\Roaming\Microsoft
2012-11-17 01:18:30 ----D---- C:\Windows\Prefetch
2012-11-17 01:18:29 ----D---- C:\Windows\Temp
2012-11-17 01:18:26 ----RD---- C:\Program Files (x86)
2012-11-16 23:51:03 ----D---- C:\Windows\SysWOW64
2012-11-16 23:51:01 ----SHD---- C:\Windows\Installer
2012-11-16 23:51:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-11-16 15:20:25 ----D---- C:\Users\Nasgharet\AppData\Roaming\vlc
2012-11-16 15:01:46 ----D---- C:\Windows\System32
2012-11-16 15:01:46 ----D---- C:\Windows\inf
2012-11-16 14:56:23 ----D---- C:\Users\Nasgharet\AppData\Roaming\ICQ
2012-11-16 14:53:29 ----D---- C:\Windows\winsxs
2012-11-16 14:51:25 ----D---- C:\Windows
2012-11-16 14:51:02 ----RSD---- C:\Windows\assembly
2012-11-16 14:50:17 ----HD---- C:\ProgramData
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 14:50:16 ----D---- C:\Windows\Cursors
2012-11-16 14:49:34 ----SHD---- C:\System Volume Information
2012-11-16 14:20:00 ----D---- C:\Users\Nasgharet\AppData\Roaming\Azureus
2012-11-15 09:12:00 ----D---- C:\Users\Nasgharet\AppData\Roaming\Skype
2012-11-01 08:41:11 ----D---- C:\Windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-15 2461104]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-02 529744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
dostávám totální sadu! Můj account na blizzardu hacknut pred mesicem, resil jsem to tady. Vsechno jsme vycistili. Dneska ranov 00:04 opet snaha o zmenu meho hesla na blizzardu? Jak???? Zmenil jsem heslo na me poste (emailu) na blizzardu taktez. Prijdu domu z hospody a totez.....opet utok a snaha o likvidaci meho uctu na blizzardu!!!!!!!!!! Kurva nekdo se mi sakra a dobre hrabe v kompu!!! Sleduje kazde heslo co napisu o tom neni pochyb! Mam Strach! Prosim o pomoc...davam log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Nasgharet at 2012-11-17 01:18:26
Microsoft Windows 7 Home Premium
System drive C: has 31 GB (31%) free of 100 GB
Total RAM: 4095 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:18:30, on 17.11.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe
C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
D:\---Download---\RSIT.exe
C:\Program Files (x86)\trend micro\Nasgharet.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AppVodBurner] C:\Program Files (x86)\VodBurner\vodburner.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9269 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Nasgharet\AppData\Roaming\Mozilla\Firefox\Profiles\1kc8j041.default-1348185830213
prefs.js - "browser.startup.homepage" - "http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-05 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-05 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Aeria Ignite"=C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [2012-09-10 1411224]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-11-15 2254768]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ICQ"=C:\Program Files (x86)\ICQ7M\ICQ.exe [2012-09-05 127040]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-10-18 1353080]
"AppVodBurner"=C:\Program Files (x86)\VodBurner\vodburner.exe [2012-10-22 4688896]
"Akamai NetSession Interface"=C:\Users\Nasgharet\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-20 16:54:04 ----A---- C:\Windows\SysWOW64\npptNT2.sys
2012-12-20 16:41:25 ----D---- C:\Users\Nasgharet\AppData\Roaming\InstallShield
2012-11-17 01:18:26 ----D---- C:\Program Files (x86)\trend micro
2012-11-16 23:51:03 ----D---- C:\Windows\SysWOW64\directx
2012-11-16 14:59:16 ----D---- C:\Users\Nasgharet\AppData\Roaming\Nero
2012-11-16 14:51:25 ----A---- C:\Windows\Irremote.ini
2012-11-16 14:50:17 ----D---- C:\ProgramData\Nero
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Nero
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Common Files\Nero
2012-11-16 14:42:19 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-16 08:11:55 ----D---- C:\ProgramData\Aeria Games
2012-11-16 08:08:22 ----SHD---- C:\Windows\SysWOW64\AI_RecycleBin
2012-11-16 08:08:22 ----D---- C:\Program Files (x86)\Aeria Games
2012-11-16 01:11:14 ----D---- C:\AeriaGames
2012-11-07 10:02:36 ----D---- C:\Program Files (x86)\PokerStars.BE
2012-11-07 09:48:00 ----D---- C:\Program Files (x86)\Full Tilt Poker
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-11-01 08:41:46 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-11-01 08:41:45 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-11-01 08:41:45 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-11-01 08:41:44 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-11-01 08:41:41 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2012-11-01 08:41:40 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-11-01 08:41:39 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-11-01 08:41:38 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-11-01 08:41:38 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-11-01 08:41:37 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-11-01 08:41:37 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2012-11-01 08:41:36 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2012-11-01 08:41:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2012-11-01 08:41:34 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-11-01 08:41:33 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-11-01 08:41:32 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-11-01 08:41:31 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2012-11-01 08:41:30 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-11-01 08:41:29 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-11-01 08:41:28 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-11-01 08:41:27 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-11-01 08:41:27 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-11-01 08:41:26 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-11-01 08:41:25 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-11-01 08:41:25 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-11-01 08:41:24 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-11-01 08:41:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-11-01 08:41:23 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-11-01 08:41:23 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-11-01 08:41:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-11-01 08:41:21 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-11-01 08:41:20 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-11-01 08:41:19 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-11-01 08:41:18 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-11-01 08:41:17 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-11-01 08:41:17 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-11-01 08:41:16 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2012-11-01 08:41:15 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-11-01 08:41:14 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-11-01 08:41:08 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-11-01 08:41:07 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-11-01 08:41:07 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-11-01 08:41:06 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-11-01 08:41:06 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-11-01 08:41:05 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-11-01 08:41:04 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-10-30 16:07:15 ----D---- C:\Users\Nasgharet\AppData\Roaming\Sun
2012-10-25 15:10:42 ----D---- C:\Program Files (x86)\VodBurner
2012-10-18 22:34:46 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-10-18 22:34:45 ----D---- C:\Program Files (x86)\Steam
2012-10-18 10:01:15 ----D---- C:\Users\Nasgharet\AppData\Roaming\.minecraft
2012-10-18 09:37:10 ----D---- C:\Users\Nasgharet\AppData\Roaming\.techniclauncher
======List of files/folders modified in the last 1 month======
2012-12-20 16:42:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-12-20 16:02:29 ----SD---- C:\Users\Nasgharet\AppData\Roaming\Microsoft
2012-11-17 01:18:30 ----D---- C:\Windows\Prefetch
2012-11-17 01:18:29 ----D---- C:\Windows\Temp
2012-11-17 01:18:26 ----RD---- C:\Program Files (x86)
2012-11-16 23:51:03 ----D---- C:\Windows\SysWOW64
2012-11-16 23:51:01 ----SHD---- C:\Windows\Installer
2012-11-16 23:51:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-11-16 15:20:25 ----D---- C:\Users\Nasgharet\AppData\Roaming\vlc
2012-11-16 15:01:46 ----D---- C:\Windows\System32
2012-11-16 15:01:46 ----D---- C:\Windows\inf
2012-11-16 14:56:23 ----D---- C:\Users\Nasgharet\AppData\Roaming\ICQ
2012-11-16 14:53:29 ----D---- C:\Windows\winsxs
2012-11-16 14:51:25 ----D---- C:\Windows
2012-11-16 14:51:02 ----RSD---- C:\Windows\assembly
2012-11-16 14:50:17 ----HD---- C:\ProgramData
2012-11-16 14:50:17 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 14:50:16 ----D---- C:\Windows\Cursors
2012-11-16 14:49:34 ----SHD---- C:\System Volume Information
2012-11-16 14:20:00 ----D---- C:\Users\Nasgharet\AppData\Roaming\Azureus
2012-11-15 09:12:00 ----D---- C:\Users\Nasgharet\AppData\Roaming\Skype
2012-11-01 08:41:11 ----D---- C:\Windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-15 2461104]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-02 529744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odinstalujte Akamai
Já zatím nic neříkal.
To jsem si nejak v te chvili neuvedomil 
