Virus-infected all-in-one Compaq PC
Posted: 11 Aug 2018 20:00
Good evening, everyone,
I have recently been having a problem with my PC, where some malware has apparently settled in. The Internet is practically unusable. AdBlock, for example, detects 1000+ ads on Seznam. Unfortunately, it is still Win XP. Besides the procedure for what I should do, can you recommend an available freeware firewall and a supported web browser for Windows XP? Everything gets through Avast like a knife through butter. Thanks for the help
Radek
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2018
Ran by HP_Administrator (administrator) on DOMA (11-08-2018 20:55:03)
Running from C:\Documents and Settings\HP_Administrator\Plocha
Loaded Profiles: HP_Administrator (Available Profiles: HP_Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Telefónica I+D) C:\Program Files\O2\O2CZ\EMMSN.exe
(Telefónica I+D) C:\Program Files\O2\Nori\Nori.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [19523616 2010-04-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-14] (PDF Complete Inc)
HKLM\...\Run: [hpsysdrv] => c:\windows\system\hpsysdrv.exe [52736 1998-05-07] (Hewlett-Packard Company)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242904 2018-07-17] (AVAST Software)
HKU\S-1-5-21-379970928-3254597947-3081504926-1007\...\MountPoints2: {d81089ae-9d48-11e8-9e66-1cc1de4f37c4} - F:\SetupVMB.exe
HKU\S-1-5-21-379970928-3254597947-3081504926-1007\...\MountPoints2: {d81089b1-9d48-11e8-9e66-1cc1de4f37c4} - F:\AutoRun.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{F7AFD1B7-BA9C-477D-892F-69CC783ADA97}: [DhcpNameServer] 84.16.121.1 84.16.96.2
Tcpip\..\Interfaces\{FE15315A-8390-47D1-BD9D-F62C74967BA5}: [NameServer] 194.228.211.33 160.218.161.60
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=64&bd=PRESARIO&pf=desktop
HKU\S-1-5-21-379970928-3254597947-3081504926-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-379970928-3254597947-3081504926-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-379970928-3254597947-3081504926-1007 -> {D50EB7F4-2A89-4461-942A-A4FA1DCBA293} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2018-07-17] (AVAST Software)
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-10] (Oracle Corporation)
BHO: No Name -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> No File
Toolbar: HKLM - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-379970928-3254597947-3081504926-1007 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-379970928-3254597947-3081504926-1007 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///E:/CDVIEWER/CdViewer.cab
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-27] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-08-11]
CHR Extension: (Dokumenty) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-22]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-09]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-27]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-11] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6341888 2018-07-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [322464 2018-07-17] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-10] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 VmbNotifierService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe [162304 2015-05-22] (Vodafone) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188352 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-07-17] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284328 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57976 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [189240 2018-07-17] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-07-17] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [39784 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [133680 2018-07-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71848 2018-07-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784120 2018-07-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [396352 2018-07-24] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205864 2018-07-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-07-17] (AVAST Software)
R3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-11 20:55 - 2018-08-11 20:55 - 000014148 _____ C:\Documents and Settings\HP_Administrator\Plocha\FRST.txt
2018-08-11 20:54 - 2018-08-11 20:55 - 000000000 ____D C:\FRST
2018-08-11 20:54 - 2018-08-11 20:54 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\FRSTLauncher.exe
2018-08-11 20:54 - 2018-08-11 20:54 - 000029696 _____ C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\MSGBOX.EXE
2018-08-11 20:54 - 2018-08-11 20:54 - 000015327 _____ C:\Documents and Settings\HP_Administrator\Plocha\LM.bat
2018-08-11 20:53 - 2018-08-11 20:53 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 661598.crdownload
2018-08-11 20:53 - 2018-08-11 20:53 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 263070.crdownload
2018-08-11 20:52 - 2018-08-11 20:52 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 455514.crdownload
2018-08-11 20:50 - 2018-08-11 20:50 - 001773056 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Plocha\FRST.exe
2018-08-11 19:45 - 2018-08-11 19:45 - 000265416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-11 12:03 - 2018-08-11 19:51 - 000012680 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2018-08-11 12:03 - 2018-08-11 12:03 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Data aplikací\Telefónica Móviles
2018-08-11 12:00 - 2018-08-11 12:00 - 000000698 _____ C:\Documents and Settings\All Users\Plocha\O2 Průvodce připojením.lnk
2018-08-11 12:00 - 2009-12-15 14:05 - 000113280 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000102528 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000100736 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbdev.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000024448 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2018-08-11 11:53 - 2018-08-11 11:59 - 000000000 ____D C:\Program Files\O2
2018-08-11 11:53 - 2018-08-11 11:53 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\O2
2018-08-11 11:42 - 2018-08-11 11:42 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Data aplikací\Vodafone
2018-08-11 11:40 - 2018-08-11 11:40 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2018-08-11 11:39 - 2018-08-11 11:39 - 000001975 _____ C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Broadband.lnk
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Program Files\Vodafone
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Vodafone
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Vodafone
2018-08-11 11:39 - 2014-09-19 17:59 - 001112288 ____R (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01007.dll
2018-08-11 11:39 - 2014-09-19 17:59 - 000077696 ____R (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2018-08-11 11:29 - 2018-08-11 11:29 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Downloaded Installations
2018-07-17 09:06 - 2018-07-17 09:06 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\AVAST Software
2018-07-17 08:52 - 2018-07-17 08:49 - 000321752 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-11 20:55 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Plocha
2018-08-11 20:55 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2018-08-11 20:54 - 2010-09-25 20:02 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google
2018-08-11 20:54 - 2010-09-17 20:05 - 000000000 ___HD C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací
2018-08-11 20:46 - 2018-03-30 08:12 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-08-11 20:46 - 2017-04-04 15:25 - 000000360 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-08-11 20:34 - 2010-09-25 20:02 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-08-11 20:29 - 2012-10-27 21:41 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-08-11 20:23 - 2018-03-14 11:30 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-08-11 20:23 - 2010-06-15 12:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-11 19:45 - 2014-03-30 08:55 - 000000244 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-11 19:45 - 2010-09-25 20:02 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-08-11 19:45 - 2010-06-15 13:28 - 000000188 _____ C:\WINDOWS\system\hpsysdrv.DAT
2018-08-11 19:45 - 2010-06-15 12:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-11 19:31 - 2010-09-17 20:05 - 000000178 ___SH C:\Documents and Settings\HP_Administrator\ntuser.ini
2018-08-11 19:31 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator
2018-08-11 19:31 - 2010-06-15 13:11 - 000065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2018-08-11 19:31 - 2010-06-15 13:03 - 000065536 _____ C:\WINDOWS\system32\config\Internet.evt
2018-08-11 19:31 - 2010-06-15 12:43 - 000032556 _____ C:\WINDOWS\SchedLgU.Txt
2018-08-11 14:44 - 2010-06-15 14:29 - 000000000 ___HD C:\WINDOWS\inf
2018-08-11 13:46 - 2010-10-24 03:20 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-11 13:46 - 2010-06-15 14:34 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-08-11 12:39 - 2010-06-15 13:07 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2018-08-11 12:33 - 2010-06-15 14:34 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-08-11 12:33 - 2010-06-15 13:07 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-11 12:30 - 2010-06-15 13:11 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
2018-08-11 12:16 - 2010-06-15 13:27 - 000000542 _____ C:\WINDOWS\win.ini
2018-08-11 12:16 - 2010-06-15 12:39 - 000000000 ____D C:\Program Files\Common Files\System
2018-08-11 12:03 - 2010-09-17 20:05 - 000000000 __RHD C:\Documents and Settings\HP_Administrator\Data aplikací
2018-08-11 12:02 - 2010-06-15 14:34 - 001030424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-11 12:02 - 2010-06-15 13:28 - 000432426 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-11 12:02 - 2010-06-15 13:28 - 000079468 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-11 12:00 - 2010-06-15 14:34 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-08-11 11:39 - 2010-06-15 14:34 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-08-11 10:41 - 2010-09-17 21:15 - 000000488 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{85461042-D0B4-4E96-A1F5-2F3BAC29AEA9}.job
2018-08-09 08:30 - 2014-03-30 08:55 - 000000238 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-09 08:28 - 2010-06-15 13:12 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\PDFC
2018-08-09 08:27 - 2010-06-15 13:27 - 000001158 _____ C:\WINDOWS\system32\wpa.dbl
2018-07-24 08:50 - 2010-09-17 21:11 - 000396352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-07-17 08:50 - 2016-05-31 09:36 - 000205864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-07-17 08:49 - 2017-11-17 10:15 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-17 08:49 - 2014-10-17 09:38 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000310784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000133680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000071848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-17 08:49 - 2010-09-17 21:11 - 000070840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-07-17 08:47 - 2018-01-05 10:14 - 000189240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-07-17 08:47 - 2011-07-02 10:31 - 000784120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000284328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000188352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000057976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
==================== Files in the root of some directories =======
2013-11-28 17:11 - 2013-08-22 18:36 - 006583664 _____ (AVAST Software) C:\Program Files\Alwi
2018-05-20 07:55 - 2018-05-20 07:55 - 007649280 _____ () C:\Program Files\GUT105.tmp
2010-12-04 16:51 - 2010-12-04 16:51 - 003276544 _____ (Ghisler Software GmbH) C:\Program Files\tcmd756.exe
2012-01-02 18:42 - 2012-01-02 18:42 - 000003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-09-18 12:49 - 2010-09-18 12:49 - 000000082 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\FASTWiz.log
2018-08-11 20:54 - 2018-08-11 20:54 - 000029696 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\MSGBOX.EXE
2012-10-27 19:41 - 2012-10-27 21:07 - 083023306 ____T () C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.pad
Some files in TEMP:
====================
2018-08-11 11:47 - 2009-04-02 17:07 - 000110592 ____R (Huawei Technologies Co., Ltd.) C:\Documents and Settings\HP_Administrator\Local Settings\Temp\DataCard_Setup.exe
2018-08-11 11:47 - 2009-03-18 12:46 - 000007168 ____R () C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ResetDevice.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default [2018-08-11]
CHR Extension: (Dokumenty) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-22]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-22]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-09]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-27]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-07-11] (Adobe Systems Incorporated) [File not signed]
S3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6341888 2018-07-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [322464 2018-07-17] (AVAST Software)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-10] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 VmbNotifierService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe [162304 2015-05-22] (Vodafone) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [167552 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriverx.sys [188352 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidshx.sys [164944 2018-07-17] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblogx.sys [284328 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbunivx.sys [57976 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [189240 2018-07-17] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [42808 2018-07-17] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [39784 2017-09-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [133680 2018-07-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [70840 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71848 2018-07-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [784120 2018-07-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [396352 2018-07-24] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\System32\drivers\aswStmXP.sys [205864 2018-07-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [310784 2018-07-17] (AVAST Software)
R3 Huawei; C:\WINDOWS\System32\DRIVERS\ewdcsc.sys [24448 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R1 tidnet; C:\WINDOWS\System32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-12-15] (Huawei Technologies Co., Ltd.)
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-11 20:55 - 2018-08-11 20:55 - 000014148 _____ C:\Documents and Settings\HP_Administrator\Plocha\FRST.txt
2018-08-11 20:54 - 2018-08-11 20:55 - 000000000 ____D C:\FRST
2018-08-11 20:54 - 2018-08-11 20:54 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\FRSTLauncher.exe
2018-08-11 20:54 - 2018-08-11 20:54 - 000029696 _____ C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\MSGBOX.EXE
2018-08-11 20:54 - 2018-08-11 20:54 - 000015327 _____ C:\Documents and Settings\HP_Administrator\Plocha\LM.bat
2018-08-11 20:53 - 2018-08-11 20:53 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 661598.crdownload
2018-08-11 20:53 - 2018-08-11 20:53 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 263070.crdownload
2018-08-11 20:52 - 2018-08-11 20:52 - 000112640 _____ (forum.viry.cz) C:\Documents and Settings\HP_Administrator\Plocha\Nepotvrzeno 455514.crdownload
2018-08-11 20:50 - 2018-08-11 20:50 - 001773056 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Plocha\FRST.exe
2018-08-11 19:45 - 2018-08-11 19:45 - 000265416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-11 12:03 - 2018-08-11 19:51 - 000012680 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2018-08-11 12:03 - 2018-08-11 12:03 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Data aplikací\Telefónica Móviles
2018-08-11 12:00 - 2018-08-11 12:00 - 000000698 _____ C:\Documents and Settings\All Users\Plocha\O2 Průvodce připojením.lnk
2018-08-11 12:00 - 2009-12-15 14:05 - 000113280 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000102528 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000100736 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbdev.sys
2018-08-11 12:00 - 2009-12-15 14:05 - 000024448 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2018-08-11 11:53 - 2018-08-11 11:59 - 000000000 ____D C:\Program Files\O2
2018-08-11 11:53 - 2018-08-11 11:53 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\O2
2018-08-11 11:42 - 2018-08-11 11:42 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Data aplikací\Vodafone
2018-08-11 11:40 - 2018-08-11 11:40 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2018-08-11 11:39 - 2018-08-11 11:39 - 000001975 _____ C:\Documents and Settings\All Users\Plocha\Vodafone Mobile Broadband.lnk
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Program Files\Vodafone
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Vodafone
2018-08-11 11:39 - 2018-08-11 11:39 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Vodafone
2018-08-11 11:39 - 2014-09-19 17:59 - 001112288 ____R (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01007.dll
2018-08-11 11:39 - 2014-09-19 17:59 - 000077696 ____R (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2018-08-11 11:29 - 2018-08-11 11:29 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Downloaded Installations
2018-07-17 09:06 - 2018-07-17 09:06 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\AVAST Software
2018-07-17 08:52 - 2018-07-17 08:49 - 000321752 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-11 20:55 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Plocha
2018-08-11 20:55 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2018-08-11 20:54 - 2010-09-25 20:02 - 000000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\Google
2018-08-11 20:54 - 2010-09-17 20:05 - 000000000 ___HD C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací
2018-08-11 20:46 - 2018-03-30 08:12 - 000000330 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2018-08-11 20:46 - 2017-04-04 15:25 - 000000360 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
2018-08-11 20:34 - 2010-09-25 20:02 - 000000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-08-11 20:29 - 2012-10-27 21:41 - 000000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-08-11 20:23 - 2018-03-14 11:30 - 000000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job
2018-08-11 20:23 - 2010-06-15 12:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-11 19:45 - 2014-03-30 08:55 - 000000244 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-11 19:45 - 2010-09-25 20:02 - 000000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-08-11 19:45 - 2010-06-15 13:28 - 000000188 _____ C:\WINDOWS\system\hpsysdrv.DAT
2018-08-11 19:45 - 2010-06-15 12:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-11 19:31 - 2010-09-17 20:05 - 000000178 ___SH C:\Documents and Settings\HP_Administrator\ntuser.ini
2018-08-11 19:31 - 2010-09-17 20:05 - 000000000 ____D C:\Documents and Settings\HP_Administrator
2018-08-11 19:31 - 2010-06-15 13:11 - 000065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2018-08-11 19:31 - 2010-06-15 13:03 - 000065536 _____ C:\WINDOWS\system32\config\Internet.evt
2018-08-11 19:31 - 2010-06-15 12:43 - 000032556 _____ C:\WINDOWS\SchedLgU.Txt
2018-08-11 14:44 - 2010-06-15 14:29 - 000000000 ___HD C:\WINDOWS\inf
2018-08-11 13:46 - 2010-10-24 03:20 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-11 13:46 - 2010-06-15 14:34 - 000000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2018-08-11 12:39 - 2010-06-15 13:07 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2018-08-11 12:33 - 2010-06-15 14:34 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-08-11 12:33 - 2010-06-15 13:07 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-11 12:30 - 2010-06-15 13:11 - 000000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
2018-08-11 12:16 - 2010-06-15 13:27 - 000000542 _____ C:\WINDOWS\win.ini
2018-08-11 12:16 - 2010-06-15 12:39 - 000000000 ____D C:\Program Files\Common Files\System
2018-08-11 12:03 - 2010-09-17 20:05 - 000000000 __RHD C:\Documents and Settings\HP_Administrator\Data aplikací
2018-08-11 12:02 - 2010-06-15 14:34 - 001030424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-11 12:02 - 2010-06-15 13:28 - 000432426 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-11 12:02 - 2010-06-15 13:28 - 000079468 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-11 12:00 - 2010-06-15 14:34 - 000000000 ____D C:\Documents and Settings\All Users\Plocha
2018-08-11 11:39 - 2010-06-15 14:34 - 000000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2018-08-11 10:41 - 2010-09-17 21:15 - 000000488 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{85461042-D0B4-4E96-A1F5-2F3BAC29AEA9}.job
2018-08-09 08:30 - 2014-03-30 08:55 - 000000238 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2018-08-09 08:28 - 2010-06-15 13:12 - 000000000 ____D C:\Documents and Settings\All Users\Data aplikací\PDFC
2018-08-09 08:27 - 2010-06-15 13:27 - 000001158 _____ C:\WINDOWS\system32\wpa.dbl
2018-07-24 08:50 - 2010-09-17 21:11 - 000396352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-07-17 08:50 - 2016-05-31 09:36 - 000205864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2018-07-17 08:49 - 2017-11-17 10:15 - 000167552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-17 08:49 - 2014-10-17 09:38 - 000042808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000310784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000133680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-17 08:49 - 2013-08-22 18:38 - 000071848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-17 08:49 - 2010-09-17 21:11 - 000070840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2018-07-17 08:47 - 2018-01-05 10:14 - 000189240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-07-17 08:47 - 2011-07-02 10:31 - 000784120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000284328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblogx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000188352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000164944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2018-07-17 08:46 - 2017-04-04 15:25 - 000057976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbunivx.sys
==================== Files in the root of some directories =======
2013-11-28 17:11 - 2013-08-22 18:36 - 006583664 _____ (AVAST Software) C:\Program Files\Alwi
2018-05-20 07:55 - 2018-05-20 07:55 - 007649280 _____ () C:\Program Files\GUT105.tmp
2010-12-04 16:51 - 2010-12-04 16:51 - 003276544 _____ (Ghisler Software GmbH) C:\Program Files\tcmd756.exe
2012-01-02 18:42 - 2012-01-02 18:42 - 000003584 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-09-18 12:49 - 2010-09-18 12:49 - 000000082 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\FASTWiz.log
2018-08-11 20:54 - 2018-08-11 20:54 - 000029696 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Data aplikací\MSGBOX.EXE
2012-10-27 19:41 - 2012-10-27 21:07 - 083023306 ____T () C:\Documents and Settings\All Users\Data aplikací\dsgsdgdsgdsgw.pad
Some files in TEMP:
====================
2018-08-11 11:47 - 2009-04-02 17:07 - 000110592 ____R (Huawei Technologies Co., Ltd.) C:\Documents and Settings\HP_Administrator\Local Settings\Temp\DataCard_Setup.exe
2018-08-11 11:47 - 2009-03-18 12:46 - 000007168 ____R () C:\Documents and Settings\HP_Administrator\Local Settings\Temp\ResetDevice.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================