Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Double-checking a computer connected to previously infected router


  • This topic is locked This topic is locked
10 replies to this topic

#1 reglas

reglas

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:10:22 PM

Posted 22 January 2015 - 06:51 AM

Hi,

 

it seems like we solved the problem with infected router and my computer. There is one more PC, that I would like to double-check.

 

OS: Windows XP 32-bit

 

Note to mods: Oh My! will help me with this one. too.

 

Thank you for your time, Gary.



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 22 January 2015 - 09:34 AM

Welcome back Kristina,

By now you should know the routine so I will skip the formalities! :)

Please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop <<< Important
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 reglas

reglas
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:10:22 PM

Posted 22 January 2015 - 01:06 PM

Yep, here are the logs.

 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by MALIKOVI (administrator) on DOMA on 22-01-2015 18:29:48
Running from C:\Documents and Settings\MALIKOVI\Plocha
Loaded Profiles: MALIKOVI (Available profiles: MALIKOVI)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
() C:\WINDOWS\jmesoft\Service.exea
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Lenovo) C:\WINDOWS\jmesoft\hotkey.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technacologies\ATI.ACE\Core-Static\MOM.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Nokia) C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
() C:\WINDOWS\jmesoft\JME_LOAD.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia.) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
() C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20053608 2011-05-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-07-20] (Lenovo)
HKLM\...\Run: [jmesoft] => C:\WINDOWS\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608 2001-11-01] (HP)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] => c:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-484763869-884357618-842925246-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-884357618-842925246-1003\...\Run: [NokiaPCInternetAccess] => C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [536576 2008-05-07] (Nokia)
HKU\S-1-5-21-484763869-884357618-842925246-1003\...\MountPoints2: {1ca0fea6-4547-11e2-bebf-50af731df012} - D:\NokiaPCIA_Autorun.exe
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-484763869-884357618-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-484763869-884357618-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Toolbar: HKU\S-1-5-21-484763869-884357618-842925246-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\MALIKOVI\Data aplikací\Mozilla\Firefox\Profiles\9cc92wfp.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Documents and Settings\MALIKOVI\Data aplikací\Mozilla\Firefox\Profiles\9cc92wfp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2011-07-29] (ATI Technologies Inc.) [File not signed]
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET)
R2 JME Keyboard; C:\WINDOWS\jmesoft\Service.exe [32768 2011-03-15] () [File not signed]
R3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [353792 2008-02-12] (Nokia.) [File not signed]
R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{5011AC51-0C6C-434F-9E56-B3557B9D203A}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2012-10-03] (Cisco Systems, Inc.) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 andnetadb; C:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc)
S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23168 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2014-05-27] (LG Electronics Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7084544 2011-07-29] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R3 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [119792 2014-10-10] (ESET)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nusb3hub; C:\WINDOWS\System32\DRIVERS\nusb3hub.sys [67456 2011-04-13] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\WINDOWS\System32\DRIVERS\nusb3xhc.sys [161024 2011-04-13] (Renesas Electronics Corporation)
R3 RSUSBVSTOR; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [229480 2011-03-15] (Realtek Semiconductor Corp.)
S3 RTL8192Ce; C:\WINDOWS\System32\DRIVERS\rtl8192Ce.sys [1253864 2012-03-08] (Realtek Semiconductor Corporation                           )
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 18:29 - 2015-01-22 18:30 - 00010256 _____ () C:\Documents and Settings\MALIKOVI\Plocha\FRST.txt
2015-01-22 18:29 - 2015-01-22 18:29 - 00000000 ____D () C:\FRST
2015-01-22 18:28 - 2015-01-22 18:28 - 01118208 _____ (Farbar) C:\Documents and Settings\MALIKOVI\Plocha\FRST.exe
2015-01-17 18:57 - 2015-01-17 19:02 - 00009904 _____ () C:\WINDOWS\wininit.ini
2015-01-17 18:13 - 2015-01-17 18:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Nabídka Start\Programy
2015-01-17 18:13 - 2015-01-17 18:13 - 00000000 ____D () C:\Documents and Settings\LocalService\Nabídka Start
2015-01-17 18:10 - 2015-01-17 19:02 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-01-17 18:09 - 2015-01-17 19:03 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-17 18:09 - 2015-01-17 19:02 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2015-01-17 15:41 - 2015-01-17 15:41 - 01171816 _____ () C:\Documents and Settings\MALIKOVI\Plocha\201121711173513.zip
2015-01-17 15:41 - 2015-01-17 15:41 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Plocha\201121711173513
2015-01-17 12:20 - 2015-01-17 12:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-17 00:33 - 2015-01-17 18:58 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2015-01-10 17:51 - 2015-01-10 18:08 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Plocha\ru
2015-01-06 18:06 - 2015-01-06 18:43 - 00072704 _____ () C:\Documents and Settings\MALIKOVI\Plocha\dusan.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 18:30 - 2012-10-03 15:13 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Local Settings\Temp
2015-01-22 18:29 - 2012-10-03 15:13 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Plocha
2015-01-22 18:27 - 2012-10-03 15:02 - 01875488 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-20 14:50 - 2013-02-17 15:50 - 00351866 _____ () C:\WINDOWS\setupapi.log
2015-01-20 14:45 - 2006-03-02 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-20 14:44 - 2014-03-28 22:55 - 00000228 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-01-20 14:44 - 2013-03-19 17:24 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 14:44 - 2012-10-03 15:10 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-20 14:44 - 2012-10-03 01:02 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-20 14:44 - 2012-10-03 01:02 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-20 11:26 - 2012-10-03 15:32 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-20 11:26 - 2012-10-03 15:13 - 00000272 ___SH () C:\Documents and Settings\MALIKOVI\ntuser.ini
2015-01-20 11:26 - 2012-10-03 15:10 - 00032558 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-19 01:12 - 2012-10-04 09:29 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-19 01:11 - 2013-03-19 17:24 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 23:11 - 2012-10-03 15:13 - 00000000 ___HD () C:\Documents and Settings\MALIKOVI\Local Settings\Data aplikací
2015-01-17 20:18 - 2012-10-24 17:42 - 00040128 _____ () C:\Documents and Settings\MALIKOVI\intlname.ols
2015-01-17 20:18 - 2012-10-03 12:02 - 00002531 _____ () C:\Documents and Settings\MALIKOVI\Plocha\nova_posta.lnk
2015-01-17 19:02 - 2012-10-03 00:55 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-01-17 19:02 - 2012-10-03 00:55 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-01-17 18:13 - 2012-10-03 15:10 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-17 18:09 - 2012-10-03 00:55 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-01-17 18:08 - 2012-10-03 10:19 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Dokumenty\Preberanie
2015-01-17 16:12 - 2012-10-03 10:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-16 12:26 - 2012-10-03 15:13 - 00001599 _____ () C:\Documents and Settings\MALIKOVI\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-01-15 03:05 - 2013-08-17 11:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 03:00 - 2012-10-03 11:05 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 17:44 - 2014-11-09 08:56 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Plocha\47
2015-01-14 09:12 - 2012-10-04 09:29 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-14 09:12 - 2012-10-04 09:29 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-13 14:07 - 2014-10-18 14:38 - 00002433 _____ () C:\Documents and Settings\MALIKOVI\Plocha\Ikar_1.lnk
2015-01-10 17:44 - 2012-10-04 09:16 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Plocha\kluce
2015-01-01 21:34 - 2012-10-04 09:01 - 00000000 ____D () C:\VALIKA
2014-12-30 17:02 - 2012-10-04 09:14 - 00000468 _____ () C:\Documents and Settings\MALIKOVI\Dokumenty\spider.sav
2014-12-24 17:56 - 2014-10-26 13:34 - 00000000 ____D () C:\Documents and Settings\MALIKOVI\Data aplikací\Skype
2014-12-24 17:51 - 2014-10-26 13:33 - 00002273 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk

Some content of TEMP:
====================
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfaicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfback.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinst.dll
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinstx.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfiui.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfmicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\installservice.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vcredist9_x86.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vpnclient_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================



Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by MALIKOVI at 2015-01-22 18:30:56
Running from C:\Documents and Settings\MALIKOVI\Plocha
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aktualizace systému Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB955704) (HKLM\...\KB955704) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení produktu Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2510581) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2544521) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2744842) (HKLM\...\KB2744842) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2884256) (HKLM\...\KB2884256) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
Aktualizace zabezpečení systému Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
AMD Catalyst Install Manager (HKLM\...\{74C0BD76-51CA-BC13-15F0-2DAA8B60D179}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Balíček ovladače systému Windows - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
ESET NOD32 Antivirus (HKLM\...\{312F0FE4-11A7-4D46-918B-24B3713E0E15}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
hp deskjet 656c series (HKLM\...\hp deskjet 656c series_Driver) (Version:  - )
Lenovo Blacksilk USB Keyboard Driver (HKLM\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.5.11.0720 - Lenovo)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{9011041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 sk) (HKLM\...\Mozilla Firefox 35.0 (x86 sk)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Nokia Connectivity Cable Driver (HKLM\...\{FE9DAD0B-9BA9-4E48-93E8-FB4D8DDE230B}) (Version: 6.85.15.0 - Nokia)
Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 1.0.12.2 - Nokia)
Nokia PC Internet Access (Version: 1.0.12.2 - Nokia) Hidden
Oprava Hotfix systému Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation)
PC Connectivity Solution Lite (HKLM\...\{90DE9737-9E45-4942-A34B-FC31C2B3C642}) (Version: 5.8.10.0 - Nokia)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6392 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Skins (Version: 2011.0728.1723.29300 - Advanced Micro Devices, Inc.) Hidden
Skype™ 6.22 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.15723 - TeamViewer)
ThinkPad Wireless LAN Adapter Software (HKLM\...\{556B23E2-30FF-4133-98F4-014943322F2B}) (Version: 1.00.0031.1 - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-10-2014 16:24:12 Kontrolní bod systému
24-10-2014 16:45:50 Kontrolní bod systému
25-10-2014 19:28:06 Kontrolní bod systému
26-10-2014 20:01:04 Kontrolní bod systému
29-10-2014 18:36:17 Kontrolní bod systému
01-11-2014 10:39:28 Software Distribution Service 3.0
02-11-2014 11:57:55 Kontrolní bod systému
03-11-2014 17:14:35 Kontrolní bod systému
04-11-2014 22:01:21 Kontrolní bod systému
05-11-2014 23:26:53 Kontrolní bod systému
07-11-2014 17:49:02 Kontrolní bod systému
08-11-2014 17:49:15 Kontrolní bod systému
10-11-2014 18:07:42 Kontrolní bod systému
12-11-2014 18:42:53 Kontrolní bod systému
13-11-2014 21:23:53 Software Distribution Service 3.0
14-11-2014 21:33:45 Kontrolní bod systému
16-11-2014 09:40:37 Kontrolní bod systému
17-11-2014 11:21:50 Kontrolní bod systému
18-11-2014 20:15:23 Kontrolní bod systému
19-11-2014 21:11:08 Kontrolní bod systému
21-11-2014 08:27:33 Kontrolní bod systému
22-11-2014 09:32:30 Kontrolní bod systému
23-11-2014 11:32:31 Kontrolní bod systému
27-11-2014 17:10:32 Kontrolní bod systému
03-12-2014 00:31:42 Kontrolní bod systému
04-12-2014 01:18:25 Kontrolní bod systému
05-12-2014 02:18:07 Kontrolní bod systému
06-12-2014 04:18:07 Kontrolní bod systému
11-12-2014 09:05:06 Software Distribution Service 3.0
12-12-2014 10:56:38 Kontrolní bod systému
13-12-2014 12:07:24 Kontrolní bod systému
14-12-2014 09:02:34 Odstránené: ESET NOD32 Antivirus
14-12-2014 09:03:22 Nainštalované: ESET NOD32 Antivirus
15-12-2014 09:21:13 Kontrolní bod systému
16-12-2014 20:18:34 Kontrolní bod systému
17-12-2014 21:29:34 Kontrolní bod systému
19-12-2014 13:07:39 Kontrolní bod systému
20-12-2014 14:36:30 Kontrolní bod systému
21-12-2014 16:10:58 Kontrolní bod systému
23-12-2014 16:57:00 Kontrolní bod systému
25-12-2014 12:35:42 Kontrolní bod systému
26-12-2014 17:05:09 Kontrolní bod systému
28-12-2014 19:50:19 Kontrolní bod systému
29-12-2014 21:34:13 Kontrolní bod systému
31-12-2014 15:35:23 Kontrolní bod systému
01-01-2015 17:33:42 Kontrolní bod systému
02-01-2015 18:47:08 Kontrolní bod systému
03-01-2015 21:17:18 Kontrolní bod systému
04-01-2015 22:47:23 Kontrolní bod systému
06-01-2015 09:49:28 Kontrolní bod systému
09-01-2015 21:55:52 Kontrolní bod systému
10-01-2015 23:00:29 Kontrolní bod systému
11-01-2015 23:47:29 Kontrolní bod systému
12-01-2015 23:49:14 Kontrolní bod systému
14-01-2015 09:59:37 Kontrolní bod systému
15-01-2015 03:00:16 Software Distribution Service 3.0
16-01-2015 12:50:36 Kontrolní bod systému
17-01-2015 13:52:05 Kontrolní bod systému
18-01-2015 16:36:28 Kontrolní bod systému
19-01-2015 22:38:29 Kontrolní bod systému

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-03-02 13:00 - 2006-03-02 13:00 - 00000737 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2010-09-27 11:03 - 2010-09-27 11:03 - 00201512 _____ () C:\WINDOWS\system32\vpnapi.dll
2012-10-03 15:39 - 2011-03-15 17:17 - 00032768 _____ () C:\WINDOWS\jmesoft\Service.exe
2008-05-27 07:34 - 2008-05-27 07:34 - 00011776 _____ () C:\Program Files\Nokia\PC Internet Access\TextResources_cze.nlr
2008-04-15 09:45 - 2008-04-15 09:45 - 04247552 _____ () C:\Program Files\Nokia\PC Internet Access\GraphicsResources.ngr
2012-10-03 15:39 - 2011-05-17 10:24 - 00024576 _____ () C:\WINDOWS\jmesoft\JME_LOAD.exe
2012-10-03 15:39 - 2011-05-17 09:57 - 00028672 _____ () C:\WINDOWS\jmesoft\hidhook.dll
2010-03-16 08:52 - 2010-03-16 08:52 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
2011-07-28 13:52 - 2011-07-28 13:52 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2008-02-12 11:11 - 2008-02-12 11:11 - 00129536 _____ () C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Documents and Settings\MALIKOVI\Plocha\kotol_navod.pdf:SummaryInformation
AlternateDataStreams: C:\Documents and Settings\MALIKOVI\Plocha\kotol_navod.pdf:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-484763869-884357618-842925246-500 - Administrator - Enabled)
Guest (S-1-5-21-484763869-884357618-842925246-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-484763869-884357618-842925246-1000 - Limited - Disabled)
MALIKOVI (S-1-5-21-484763869-884357618-842925246-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MALIKOVI
SUPPORT_388945a0 (S-1-5-21-484763869-884357618-842925246-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192Ce
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 10:26:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace mbam.exe, verze 1.0.1.711, chybující modul msvcr100.dll, verze 10.0.40219.325, adresa chyby 0x0008d6fd.
Zpracování události, specifické pro médium ([mbam.exe!ws!])

Error: (01/15/2015 09:58:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace mbam.exe, verze 1.0.1.711, chybující modul msvcr100.dll, verze 10.0.40219.325, adresa chyby 0x0008d6fd.
Zpracování události, specifické pro médium ([mbam.exe!ws!])

Error: (12/15/2014 00:36:49 PM) (Source: Microsoft Office 11) (EventID: 1000) (User: )
Description: Faulting application powerpnt.exe, version 11.0.8169.0, stamp 465f279c, faulting module flash6.ocx, version 6.0.88.0, stamp 44c8ff05, debug? 0, fault address 0x000334c5.

Error: (10/17/2014 06:20:31 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error: (09/15/2014 04:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace plugin-container.exe, verze 32.0.1.5367, chybující modul mozalloc.dll, verze 32.0.1.5367, adresa chyby 0x0000141b.
Zpracování události, specifické pro médium ([plugin-container.exe!ws!])


System errors:
=============
Error: (01/17/2015 06:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spybot-S&D 2 Security Center Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/17/2015 06:10:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Vypršel časový limit (30000 milisekund) čekání na připojení služby Spybot-S&D 2 Security Center Service.

Error: (01/13/2015 01:48:54 PM) (Source: 0) (EventID: 4311) (User: )
Description:

Error: (01/13/2015 01:48:54 PM) (Source: 0) (EventID: 4311) (User: )
Description:

Error: (01/13/2015 01:48:54 PM) (Source: 0) (EventID: 2000) (User: )
Description: \Device\LanmanServer

Error: (01/13/2015 01:48:54 PM) (Source: 0) (EventID: 2000) (User: )
Description: \Device\LanmanServer

Error: (01/13/2015 01:48:28 PM) (Source: 0) (EventID: 2000) (User: )
Description: \Device\LanmanServer

Error: (01/13/2015 01:48:28 PM) (Source: 0) (EventID: 2000) (User: )
Description: \Device\LanmanServer

Error: (12/11/2014 00:18:12 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Zapůjčení adresy IP počítače 192.168.1.100 pro
síťovou kartu se síťovou adresou 50AF731DF012 byla ukončena.


Microsoft Office Sessions:
=========================
Error: (01/15/2015 10:26:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711msvcr100.dll10.0.40219.3250008d6fd

Error: (01/15/2015 09:58:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.1.711msvcr100.dll10.0.40219.3250008d6fd

Error: (12/15/2014 00:36:49 PM) (Source: Microsoft Office 11) (EventID: 1000) (User: )
Description: powerpnt.exe11.0.8169.0465f279cflash6.ocx6.0.88.044c8ff050000334c5

Error: (10/17/2014 06:20:31 AM) (Source: crypt32) (EventID: 11) (User: )
Description:

Error: (09/15/2014 04:01:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.1.5367mozalloc.dll32.0.1.53670000141b


==================== Memory info ===========================

Processor:  Intel® Atom™ CPU D2700 @ 2.13GHz
Percentage of memory in use: 28%
Total physical RAM: 2042.96 MB
Available physical RAM: 1469.45 MB
Total Pagefile: 3935.58 MB
Available Pagefile: 3467.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:92.59 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C3FFC3FF)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 22 January 2015 - 09:00 PM

Greetings,

Because of the language difference I am going to ask you to review the below listed category and identify any non-English entries that look odd to you or make no sense:
 

==================== One Month Modified Files and Folders =======


Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfaicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfback.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinst.dll
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinstx.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfiui.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfmicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\installservice.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vcredist9_x86.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vpnclient_setup.exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Any entries?
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 reglas

reglas
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:10:22 PM

Posted 23 January 2015 - 06:11 AM

Hi, Gary,

the language is czech. I can see some trash documents, but no odd items.

 

Fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-01-2015
Ran by MALIKOVI at 2015-01-23 12:03:34 Run:1
Running from C:\Documents and Settings\MALIKOVI\Plocha
Loaded Profiles: MALIKOVI (Available profiles: MALIKOVI)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfaicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfback.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinst.dll
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinstx.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfiui.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfmicm.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\installservice.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vcredist9_x86.exe
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vpnclient_setup.exe
*****************

eamon => Error deleting Service
IntelIde => Service deleted successfully.
WS2IFSL => Service deleted successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\DelayInst.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfaicm.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfback.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinst.dll => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfinstx.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfiui.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\hpfmicm.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\installservice.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vcredist9_x86.exe => Moved successfully.
C:\Documents and Settings\MALIKOVI\Local Settings\Temp\vpnclient_setup.exe => Moved successfully.

==== End of Fixlog 12:03:34 ====

 

Thanks.



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 23 January 2015 - 10:45 AM

Velmi dobrá, bohužel nemám spead české! :)

To Prosím.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click Run ESET Online Scanner.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check YES, I accept the Terms of Use.
  • Click the Start button.
  • Click Enable detection of potentially unwanted applications
  • Accept any security warnings from your browser.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Check Uninstall application on close and Delete quarantined files
  • Click the Finish button.
  • Close the ESET window and reboot your computer
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message attempt to run the program in Safe Mode
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 reglas

reglas
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:10:22 PM

Posted 23 January 2015 - 02:25 PM

Hi, Gary.

 

Velmi dobrá, bohužel nemám spead české! :)

To Prosím.

 

Haha, that was almost correct. :lol:

ESET Online scan was clean.

 

I ran SecurityCheck and it seemed like it could not handle the language at first. I ran it three times.

 

SecurityCheck log No.1 (after ESET online scan)

 Results of screen317's Security Check version 0.99.95  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
Poźkejte, ne§ bude program WMIC naainstalov n.d
i
s
p
l
a
y
N
a
m
e
Re§im ECHO je vypnut.
E
S
E
T
Re§im ECHO je vypnut.
N
O
D
3
2
Re§im ECHO je vypnut.
A
n
t
i
v
i
r
u
s
Re§im ECHO je vypnut.
8
.
0
Re§im ECHO je vypnut.
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.257  
 Adobe Reader XI  
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 MALIKOVI Plocha SecurityCheck.exe  
 MALIKOVI LOCALS~1 Temp RarSFX0\SecurityCheck\Objlist.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

 

This part could be translated as:

 

 

Poźkejte, ne§ bude program WMIC naainstalov n.d
i
s
p
l
a
y
N
a
m
e
Re§im ECHO je vypnut.
E
S
E
T
Re§im ECHO je vypnut.
N
O
D
3
2
Re§im ECHO je vypnut.
A
n
t
i
v
i
r
u
s
Re§im ECHO je vypnut.
8
.
0
Re§im ECHO je vypnut.

Please wait while WMIC is being installed.

Display name

ECHO mode off (Note: I don't think this is the correct english OS translation)

ESET

ECHO mode off

NOD32

ECHO mode off

Antivirus

ECHO mode off

8

.

0

ECHO mode off

 

____

 

After that, I ran SecurityCheck in safe mode.

SecurityCheck log No.2

 

 Results of screen317's Security Check version 0.99.95  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
ESET NOD32 Antivirus 8.0   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.257  
 Adobe Reader XI  
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````  
 MALIKOVI Plocha SecurityCheck.exe  
 MALIKOVI LOCALS~1 Temp RarSFX0\SecurityCheck\Objlist.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 

____

 

Then I rebooted into normal mode and the log was readable again.

SecurityCheck log No.3

 

 Results of screen317's Security Check version 0.99.95  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
ESET NOD32 Antivirus 8.0   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.257  
 Adobe Reader XI  
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 MALIKOVI Plocha SecurityCheck.exe  
 MALIKOVI LOCALS~1 Temp RarSFX0\SecurityCheck\Objlist.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 

Thank you.



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 23 January 2015 - 02:39 PM

Haha, that was almost correct

Blame Google translate..... :)

 

That looks great, any other issues?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 reglas

reglas
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:10:22 PM

Posted 24 January 2015 - 11:04 AM

Nope, that's all. Laptops are now clean, too.

 

You can lock this thread.

 

Thank you very much, Gary. :thumbsup2:



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 24 January 2015 - 03:42 PM

You are welcome.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:22 PM

Posted 29 March 2015 - 07:51 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users