Pomalý počítač
Napsal: 25 čer 2016 17:24
Pěkný večer.
Velmi pomalý počítač. CPU "využit" na 100%. Nemohu nainstalovat např. CCleaner. Děkuji za váš čas.
Zde log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2016 01
Ran by Jiri (administrator) on JIRKABOOK (25-06-2016 16:31:49)
Running from C:\Users\Jiri\Desktop
Loaded Profiles: Jiri (Available Profiles: Jiri)
Platform: Windows Vista (TM) Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
() C:\WINDOWS\System32\hpservice.exe
(Agere Systems) C:\WINDOWS\System32\agrsmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IFXTCS.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IfxPsdSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsty.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Infineon Technologies AG) C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\setup_wm.exe
(ABBYY (BIT Software)) C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(ABBYY Software Ltd) C:\Program Files\ABBYY Screenshot Reader\ScreenshotReader.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
(Microsoft Corporation) C:\WINDOWS\System32\mobsync.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [331552 2007-05-08] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-12] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472632 2007-05-11] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-10] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [50696 2007-03-12] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [163840 2007-05-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [WatchDog] => C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [192512 2007-05-23] (InterVideo Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [T-Mobile Communication Centre] => "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [IFXSPMGT] => c:\Windows\system32\ifxspmgt.exe [677144 2007-07-24] (Infineon Technologies AG)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1097728 2006-10-17] (Analog Devices, Inc.)
HKLM\...\Run: [ABBYY Screenshot Reader Retail] => C:\Program Files\ABBYY Screenshot Reader\ScreenShotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2007-06-08] (Hewlett-Packard Limited)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\MountPoints2: {e4f755e5-24fa-11e1-b417-806e6f6e6963} - D:\Install.exe
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [70144 2007-02-26] (Bioscrypt Inc.)
Lsa: [Notification Packages] SbHpNp scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk [2008-03-18]
ShortcutTarget: DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-18] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{502D205B-0371-406F-BA94-F207C4AA91A8}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6E9605C-7C17-49E3-8B0C-6ED82E8527B8}: [DhcpNameServer] 192.168.1.6
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-zones.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-zones.cz/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-13] (Sun Microsystems, Inc.)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-13] (Sun Microsystems, Inc.)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21] (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-12-13] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-15] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/en-us/?pc=__PARAM__&ocid=__PARAM__DHP
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-12]
CHR Extension: (Dokumenty Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-12]
CHR Extension: (Disk Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-12]
CHR Extension: (YouTube) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Tabulky Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-12]
CHR Extension: (Skype) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-10]
CHR Extension: (Gmail) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
R2 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74752 2007-03-14] (Bioscrypt Inc.) [File not signed]
R2 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-03] (ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [172131 2007-06-08] (Hewlett-Packard Ltd) [File not signed]
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-09-06] (SafeBoot International) [File not signed]
R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 hpsrv; C:\Windows\system32\Hpservice.exe [18944 2007-01-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; c:\Windows\system32\ifxspmgt.exe [677144 2007-07-24] (Infineon Technologies AG)
R2 IFXTCS; C:\WINDOWS\System32\IFXTCS.exe [886040 2007-07-24] (Infineon Technologies AG)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [540448 2007-05-08] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Windows\system32\IfxPsdSv.exe [140568 2007-07-24] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed]
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S2 Winmgmt; C:\Users\Jiri\5692099.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146560 2007-08-28] (AuthenTec, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [30008 2007-06-08] (Hewlett-Packard Development Company L.P.) [File not signed]
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [130616 2016-04-14] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 IpwP; C:\Windows\System32\DRIVERS\ipw3gnet.sys [51040 2008-04-11] (IPWireless Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [38816 2007-07-24] (Infineon Technologies AG)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [5840 2007-08-14] (SafeBoot International) [File not signed]
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [101167 2007-08-14] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) [File not signed]
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2007-06-14] (SafeBoot International)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 15:06 - 2016-06-25 16:30 - 00028144 _____ C:\Users\Jiri\Desktop\Addition.txt
2016-06-25 14:48 - 2016-06-25 16:31 - 00021026 _____ C:\Users\Jiri\Desktop\FRST.txt
2016-06-25 14:40 - 2016-06-25 16:31 - 00000000 ____D C:\FRST
2016-06-25 14:25 - 2016-06-25 14:25 - 00000000 ____D C:\ProgramData\WindowsSearch
2016-06-25 13:59 - 2016-06-25 13:59 - 00000000 ____D C:\Users\Jiri\AppData\Local\ABBYY
2016-06-25 13:45 - 2016-06-25 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY Screenshot Reader
2016-06-25 13:43 - 2016-06-25 13:57 - 00000000 ____D C:\ProgramData\ABBYY
2016-06-25 13:43 - 2016-06-25 13:50 - 00000000 ____D C:\Program Files\ABBYY Screenshot Reader
2016-06-25 13:31 - 2016-06-25 13:31 - 00000000 ____D C:\temp
2016-06-25 12:42 - 2016-06-25 12:43 - 01738240 _____ (Farbar) C:\Users\Jiri\Desktop\FRST.exe
2016-06-25 12:20 - 2016-06-25 12:20 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri\Downloads\Nepotvrzeno 45435.crdownload
2016-06-25 11:24 - 2016-06-25 11:24 - 00299008 _____ (Piriform Ltd) C:\Users\Jiri\Downloads\ccsetup519 (1).exe
2016-06-25 11:23 - 2016-06-25 11:24 - 01916928 _____ (Piriform Ltd) C:\Users\Jiri\Downloads\ccsetup519.exe
2016-06-20 18:31 - 2016-06-20 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-20 18:31 - 2016-06-20 18:31 - 00000000 ____D C:\ProgramData\ESET
2016-06-12 07:53 - 2016-06-12 07:53 - 18531328 _____ C:\Users\Jiri\Downloads\1877122.xls
2016-06-03 11:44 - 2016-06-03 11:44 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016 (2).zip
2016-06-03 11:43 - 2016-06-03 11:44 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016 (1).zip
2016-06-03 11:39 - 2016-06-03 11:40 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 16:27 - 2011-12-25 12:39 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\Skype
2016-06-25 16:15 - 2014-02-06 16:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-25 15:54 - 2014-05-12 09:19 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6db27de5bc80.job
2016-06-25 15:50 - 2015-06-02 19:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09d5b13afcc97.job
2016-06-25 15:44 - 2014-10-26 15:49 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff123a2821e87.job
2016-06-25 15:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-25 15:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-25 11:02 - 2015-06-02 19:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09d5b1351567c.job
2016-06-25 11:02 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-25 10:17 - 2007-02-12 13:00 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-25 10:17 - 2006-11-02 15:01 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-22 08:44 - 2016-01-11 12:26 - 00002395 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-20 18:32 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-17 09:08 - 2014-02-06 16:23 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-17 09:08 - 2014-02-06 16:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-11 11:53 - 2012-01-15 17:35 - 00049152 _____ C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Files in the root of some directories =======
2013-12-11 17:01 - 2013-12-11 17:01 - 49940480 _____ () C:\Program Files\GUTC784.tmp
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\AtStart.txt
2012-05-11 16:08 - 2015-08-23 11:42 - 0006324 _____ () C:\Users\Jiri\AppData\Local\d3d9caps.dat
2012-01-15 17:35 - 2016-06-11 11:53 - 0049152 _____ () C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\DSwitch.txt
2011-12-25 12:23 - 2011-12-25 12:23 - 0000000 _____ () C:\Users\Jiri\AppData\Local\FnF4.txt
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\QSwitch.txt
2013-03-22 15:55 - 2013-03-24 21:45 - 95023320 ____T () C:\ProgramData\9902965.pad
2012-01-30 11:01 - 2014-11-20 12:41 - 0002318 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\ProgramData\9902965.pad
Some files in TEMP:
====================
C:\Users\Jiri\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Jiri\AppData\Local\Temp\HPQSi.exe
C:\Users\Jiri\AppData\Local\Temp\InstHelper.exe
C:\Users\Jiri\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jiri\AppData\Local\Temp\{29B2B4EF-892C-4905-BAC1-6F5B7DE5958A}-29.0.1547.57_28.0.1500.95_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{3FE1DCE3-1AB6-4735-A402-8BF3ECE836AD}-38.0.2125.111_38.0.2125.104_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{4FF91AE9-DB00-4FE6-8556-131EEAC441C2}-GoogleUpdateSetup.exe
C:\Users\Jiri\AppData\Local\Temp\{6A413C85-7684-4047-ABFD-CB0F2A46A9A4}-39.0.2171.99_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{93D88D5B-EFB7-4DA2-A932-2CFBC300F91F}-42.0.2311.90_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{94CA6D2F-540E-4645-AEAE-5BA67AC170E3}-GoogleEarth-Win-Bundle-7.1.2.2041.exe
C:\Users\Jiri\AppData\Local\Temp\{9A49DAB8-A31A-489A-8C74-E90A17B7D942}-45.0.2454.93_45.0.2454.85_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{D3EDC5AD-725E-42A3-9244-9E888BE67103}-47.0.2526.106_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{E7A5C992-EE52-4723-9A8E-3DBF5411AA91}-30.0.1599.69_chrome_installer.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Velmi pomalý počítač. CPU "využit" na 100%. Nemohu nainstalovat např. CCleaner. Děkuji za váš čas.
Zde log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2016 01
Ran by Jiri (administrator) on JIRKABOOK (25-06-2016 16:31:49)
Running from C:\Users\Jiri\Desktop
Loaded Profiles: Jiri (Available Profiles: Jiri)
Platform: Windows Vista (TM) Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
() C:\WINDOWS\System32\hpservice.exe
(Agere Systems) C:\WINDOWS\System32\agrsmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IFXTCS.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\WINDOWS\System32\IfxPsdSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsty.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Infineon Technologies AG) C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Hewlett-Packard Co.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\setup_wm.exe
(ABBYY (BIT Software)) C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(ABBYY Software Ltd) C:\Program Files\ABBYY Screenshot Reader\ScreenshotReader.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
(Microsoft Corporation) C:\WINDOWS\System32\mobsync.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [331552 2007-05-08] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-12] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472632 2007-05-11] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-10] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [50696 2007-03-12] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [QlbCtrl] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [163840 2007-05-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM\...\Run: [WatchDog] => C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [192512 2007-05-23] (InterVideo Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [T-Mobile Communication Centre] => "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [IFXSPMGT] => c:\Windows\system32\ifxspmgt.exe [677144 2007-07-24] (Infineon Technologies AG)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1097728 2006-10-17] (Analog Devices, Inc.)
HKLM\...\Run: [ABBYY Screenshot Reader Retail] => C:\Program Files\ABBYY Screenshot Reader\ScreenShotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2007-06-08] (Hewlett-Packard Limited)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\...\MountPoints2: {e4f755e5-24fa-11e1-b417-806e6f6e6963} - D:\Install.exe
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [70144 2007-02-26] (Bioscrypt Inc.)
Lsa: [Notification Packages] SbHpNp scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk [2008-03-18]
ShortcutTarget: DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-01-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-18] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{502D205B-0371-406F-BA94-F207C4AA91A8}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6E9605C-7C17-49E3-8B0C-6ED82E8527B8}: [DhcpNameServer] 192.168.1.6
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-zones.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-zones.cz/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-zones.cz/
HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Podpora odkazu pro Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-13] (Sun Microsystems, Inc.)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-13] (Sun Microsystems, Inc.)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2006-11-21] (Bioscrypt Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll [2007-10-18] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-12-13] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-12-15] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/en-us/?pc=__PARAM__&ocid=__PARAM__DHP
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-12]
CHR Extension: (Dokumenty Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-12]
CHR Extension: (Disk Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-12]
CHR Extension: (YouTube) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Tabulky Google) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-12]
CHR Extension: (Skype) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-10]
CHR Extension: (Gmail) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-2835193051-1257182012-3826305291-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
R2 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74752 2007-03-14] (Bioscrypt Inc.) [File not signed]
R2 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-22] (Cognizance Corporation) [File not signed]
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1983264 2016-03-03] (ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [172131 2007-06-08] (Hewlett-Packard Ltd) [File not signed]
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-09-06] (SafeBoot International) [File not signed]
R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
R2 hpsrv; C:\Windows\system32\Hpservice.exe [18944 2007-01-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; c:\Windows\system32\ifxspmgt.exe [677144 2007-07-24] (Infineon Technologies AG)
R2 IFXTCS; C:\WINDOWS\System32\IFXTCS.exe [886040 2007-07-24] (Infineon Technologies AG)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [540448 2007-05-08] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Windows\system32\IfxPsdSv.exe [140568 2007-07-24] (Infineon Technologies AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
S3 stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-11-01] (MicroVision Development, Inc.) [File not signed]
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-18] (Microsoft Corporation)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S2 Winmgmt; C:\Users\Jiri\5692099.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146560 2007-08-28] (AuthenTec, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [30008 2007-06-08] (Hewlett-Packard Development Company L.P.) [File not signed]
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-04-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [130616 2016-04-14] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 IpwP; C:\Windows\System32\DRIVERS\ipw3gnet.sys [51040 2008-04-11] (IPWireless Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [38816 2007-07-24] (Infineon Technologies AG)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [5840 2007-08-14] (SafeBoot International) [File not signed]
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [101167 2007-08-14] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) [File not signed]
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2007-06-14] (SafeBoot International)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 15:06 - 2016-06-25 16:30 - 00028144 _____ C:\Users\Jiri\Desktop\Addition.txt
2016-06-25 14:48 - 2016-06-25 16:31 - 00021026 _____ C:\Users\Jiri\Desktop\FRST.txt
2016-06-25 14:40 - 2016-06-25 16:31 - 00000000 ____D C:\FRST
2016-06-25 14:25 - 2016-06-25 14:25 - 00000000 ____D C:\ProgramData\WindowsSearch
2016-06-25 13:59 - 2016-06-25 13:59 - 00000000 ____D C:\Users\Jiri\AppData\Local\ABBYY
2016-06-25 13:45 - 2016-06-25 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY Screenshot Reader
2016-06-25 13:43 - 2016-06-25 13:57 - 00000000 ____D C:\ProgramData\ABBYY
2016-06-25 13:43 - 2016-06-25 13:50 - 00000000 ____D C:\Program Files\ABBYY Screenshot Reader
2016-06-25 13:31 - 2016-06-25 13:31 - 00000000 ____D C:\temp
2016-06-25 12:42 - 2016-06-25 12:43 - 01738240 _____ (Farbar) C:\Users\Jiri\Desktop\FRST.exe
2016-06-25 12:20 - 2016-06-25 12:20 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri\Downloads\Nepotvrzeno 45435.crdownload
2016-06-25 11:24 - 2016-06-25 11:24 - 00299008 _____ (Piriform Ltd) C:\Users\Jiri\Downloads\ccsetup519 (1).exe
2016-06-25 11:23 - 2016-06-25 11:24 - 01916928 _____ (Piriform Ltd) C:\Users\Jiri\Downloads\ccsetup519.exe
2016-06-20 18:31 - 2016-06-20 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-06-20 18:31 - 2016-06-20 18:31 - 00000000 ____D C:\ProgramData\ESET
2016-06-12 07:53 - 2016-06-12 07:53 - 18531328 _____ C:\Users\Jiri\Downloads\1877122.xls
2016-06-03 11:44 - 2016-06-03 11:44 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016 (2).zip
2016-06-03 11:43 - 2016-06-03 11:44 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016 (1).zip
2016-06-03 11:39 - 2016-06-03 11:40 - 38221487 _____ C:\Users\Jiri\Downloads\setkání GYMPL-28.5.2016.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-25 16:27 - 2011-12-25 12:39 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\Skype
2016-06-25 16:15 - 2014-02-06 16:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-25 15:54 - 2014-05-12 09:19 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6db27de5bc80.job
2016-06-25 15:50 - 2015-06-02 19:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09d5b13afcc97.job
2016-06-25 15:44 - 2014-10-26 15:49 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff123a2821e87.job
2016-06-25 15:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-25 15:02 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-25 11:02 - 2015-06-02 19:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09d5b1351567c.job
2016-06-25 11:02 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-25 10:17 - 2007-02-12 13:00 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-25 10:17 - 2006-11-02 15:01 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-22 08:44 - 2016-01-11 12:26 - 00002395 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-20 18:32 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-06-17 09:08 - 2014-02-06 16:23 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-17 09:08 - 2014-02-06 16:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-11 11:53 - 2012-01-15 17:35 - 00049152 _____ C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== Files in the root of some directories =======
2013-12-11 17:01 - 2013-12-11 17:01 - 49940480 _____ () C:\Program Files\GUTC784.tmp
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\AtStart.txt
2012-05-11 16:08 - 2015-08-23 11:42 - 0006324 _____ () C:\Users\Jiri\AppData\Local\d3d9caps.dat
2012-01-15 17:35 - 2016-06-11 11:53 - 0049152 _____ () C:\Users\Jiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\DSwitch.txt
2011-12-25 12:23 - 2011-12-25 12:23 - 0000000 _____ () C:\Users\Jiri\AppData\Local\FnF4.txt
2011-12-13 00:16 - 2011-12-13 00:16 - 0000000 _____ () C:\Users\Jiri\AppData\Local\QSwitch.txt
2013-03-22 15:55 - 2013-03-24 21:45 - 95023320 ____T () C:\ProgramData\9902965.pad
2012-01-30 11:01 - 2014-11-20 12:41 - 0002318 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\ProgramData\9902965.pad
Some files in TEMP:
====================
C:\Users\Jiri\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Jiri\AppData\Local\Temp\HPQSi.exe
C:\Users\Jiri\AppData\Local\Temp\InstHelper.exe
C:\Users\Jiri\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jiri\AppData\Local\Temp\{29B2B4EF-892C-4905-BAC1-6F5B7DE5958A}-29.0.1547.57_28.0.1500.95_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{3FE1DCE3-1AB6-4735-A402-8BF3ECE836AD}-38.0.2125.111_38.0.2125.104_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{4FF91AE9-DB00-4FE6-8556-131EEAC441C2}-GoogleUpdateSetup.exe
C:\Users\Jiri\AppData\Local\Temp\{6A413C85-7684-4047-ABFD-CB0F2A46A9A4}-39.0.2171.99_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{93D88D5B-EFB7-4DA2-A932-2CFBC300F91F}-42.0.2311.90_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{94CA6D2F-540E-4645-AEAE-5BA67AC170E3}-GoogleEarth-Win-Bundle-7.1.2.2041.exe
C:\Users\Jiri\AppData\Local\Temp\{9A49DAB8-A31A-489A-8C74-E90A17B7D942}-45.0.2454.93_45.0.2454.85_chrome_updater.exe
C:\Users\Jiri\AppData\Local\Temp\{D3EDC5AD-725E-42A3-9244-9E888BE67103}-47.0.2526.106_chrome_installer.exe
C:\Users\Jiri\AppData\Local\Temp\{E7A5C992-EE52-4723-9A8E-3DBF5411AA91}-30.0.1599.69_chrome_installer.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed