PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Slow Windows startup, improperly uninstalled Kerio

netman
Warning Level 1
Posts: 194
Registered: 09 Apr 2006 23:05

Slow Windows startup, improperly uninstalled Kerio

#1 Post by netman »

Hello,

it seems to me that Windows XP SP3 is slow to start up. I changed the firewall from Kerio to PC Tools Firewall Plus and the antivirus from Avast to Microsoft Security Essentials. At first everything was OK, and even now I don't notice any significant problems, except that Firewall Plus no longer shows up in the system tray at startup, and in Control Panel - Add or Remove Programs there is still Sunbelt Personal Firewall, which cannot be uninstalled - it cannot find some file.
Thanks for any advice

Logfile of random's system information tool 1.06 (written by random/random)
Run by Uživatel at 2013-05-29 23:43:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (3%) free of 51 GB
Total RAM: 2031 MB (61% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}]
Help the General-Search Project - C:\DOCUME~1\UIVATE~1\DATAAP~1\MEDIAF~1\EXTENS~1\GENCRA~1.DLL [2012-08-24 437376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-16 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-16 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-16 131072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-03-16 868352]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ERGOM DayOrganizer"=C:\Program Files\Ergom\DayOrganizer\dayorganizer.exe /automat []
"Kalendar"=C:\Program Files\Kalendar\kalendar.exe []
"Media Finder"=C:\Program Files\Media Finder\Media Finder.exe /opentotray []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-13 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE"="C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE:*:Enabled:Client Activator"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eaa35ea-92fc-11de-b373-001a9223f710}]
shell\Auto\command - setup.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe


======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-05-29 23:43:55 ----D---- C:\Program Files\trend micro
2013-05-29 23:43:48 ----D---- C:\rsit
2013-05-29 20:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2829530$
2013-05-29 19:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-29 19:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files\Skype
2013-05-10 10:24:27 ----D---- C:\Program Files\Mozilla Firefox
2013-05-09 15:17:18 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\vlc
2013-05-06 10:00:01 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PCToolsFirewallPlus
2013-05-06 09:58:23 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-05-06 09:58:21 ----D---- C:\Program Files\Common Files\PC Tools
2013-05-06 09:57:58 ----D---- C:\Program Files\PC Tools Firewall Plus
2013-05-05 15:52:29 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\eM Client
2013-05-05 15:51:50 ----D---- C:\Program Files\eM Client
2013-05-05 13:32:04 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org
2013-05-05 12:56:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-05-05 12:54:23 ----D---- C:\Program Files\Microsoft Security Client
2013-05-05 11:23:01 ----A---- C:\WINDOWS\OEWABLog.txt
2013-05-03 19:26:51 ----A---- C:\WINDOWS\thtitanc.INI
2013-05-03 19:08:55 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\HoolappForAndroid

======List of files/folders modified in the last 1 months======

2013-05-29 23:43:55 ----RD---- C:\Program Files
2013-05-29 23:34:48 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-29 23:34:45 ----RSD---- C:\WINDOWS\assembly
2013-05-29 23:18:52 ----D---- C:\WINDOWS\temp
2013-05-29 23:14:13 ----D---- C:\WINDOWS\Prefetch
2013-05-29 23:13:55 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-29 23:11:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-29 22:32:04 ----D---- C:\WINDOWS
2013-05-29 22:30:17 ----D---- C:\WINDOWS\system32
2013-05-29 20:58:25 ----SHD---- C:\WINDOWS\Installer
2013-05-29 20:58:25 ----SHD---- C:\Config.Msi
2013-05-29 20:58:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-29 20:57:33 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-29 20:57:25 ----D---- C:\WINDOWS\WinSxS
2013-05-29 20:55:46 ----HD---- C:\WINDOWS\inf
2013-05-29 20:55:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-29 19:31:56 ----A---- C:\WINDOWS\imsins.BAK
2013-05-29 19:31:51 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-29 19:29:21 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-29 18:26:33 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-23 21:20:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-05-19 17:00:34 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-19 17:00:28 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-05-11 12:15:09 ----D---- C:\WINDOWS\Minidump
2013-05-10 13:26:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-10 13:26:02 ----RD---- C:\Program Files\Skype
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files
2013-05-09 19:41:25 ----SD---- C:\WINDOWS\Tasks
2013-05-06 10:16:14 ----AC---- C:\WINDOWS\ntbtlog.txt
2013-05-06 09:58:38 ----D---- C:\WINDOWS\system32\drivers
2013-05-05 19:39:44 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
2013-05-05 13:39:46 ----RSD---- C:\WINDOWS\Fonts
2013-05-05 13:00:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-05-05 12:54:32 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-05-05 12:35:15 ----SHD---- C:\RECYCLER
2013-05-05 11:25:46 ----D---- C:\WINDOWS\system32\appmgmt
2013-05-05 11:25:45 ----D---- C:\Documents and Settings
2013-05-05 11:23:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2013-05-05 11:23:36 ----HD---- C:\Program Files\InstallShield Installation Information
2013-05-05 11:12:51 ----A---- C:\WINDOWS\system.ini
2013-05-05 11:01:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2013-05-03 19:31:03 ----AC---- C:\WINDOWS\CONTEXT.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-05-18 304640]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-05-18 94848]
R3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-13 2155520]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 hlwinnt;hlwinnt; \??\C:\WINDOWS\system32\hlwinnt.sys []
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ASFWHide []
S3 AVerAF35;AVerMedia A825 USB Dual DVB-T; C:\WINDOWS\System32\Drivers\AVerAF35.sys [2009-05-26 485888]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys [2008-01-15 257024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-10-30 44416]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
S3 LVHybrid;LVHybrid service; C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-08-26 660992]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
S3 Pfc;Padus ASPI Shell; \??\C:\WINDOWS\system32\drivers\pfc.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 DolBoot;DolBoot; \??\C:\WINDOWS\system32\dolboot.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-13 483328]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-18 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-19 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-05-30 572416]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Slow Windows startup, improperly uninstalled Kerio

#2 Post by cernohous13 »

Hello, you are low on free disk space

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it, preferably to the desktop -> close all programs -> run AdwCleaner -> click Delete
The fix will be carried out, the computer will restart and a log will pop up (C:\AdwCleaner [S?].txt); paste its contents here

:arrow: Download and install MBAM here http://www.malwarebytes.org/products/malwarebytes_free/
Run it -> on the 3rd tab "Update" -> Check for Updates
then on the 1st tab "Scanner" -> Quick scan -> Scan
when the scan finishes, a Notepad window with the result will pop up - copy its contents into your reply
do not delete anything yet - wait for the assessment

:arrow: I can recommend a check and clean-up with Ccleaner
Download Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
During installation, untick "Install Yahoo! Toolbar" (if it is offered)

close the web browser and
run "Cleaner" > "Run Ccleaner" - removes what is not needed
run "Registry" > "Scan for issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.
run "Tools" > "System Restore" - keep the 1st row, "Remove" the others
run "Tools" > "Startup" - here you can try disabling processes you do not need at startup (if something then stops working, you re-enable them the same way)
Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can keep it for occasional cleaning in the future as well.

Then we will sort out the AV + FW :wink:
Recommendation:
During the clean-up, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole operation according to it.
If anything is unclear, ask - I will explain

netman
Warning Level 1
Posts: 194
Registered: 09 Apr 2006 23:05

Re: Slow Windows startup, improperly uninstalled Kerio

#3 Post by netman »

So I went through it according to the instructions, first with AdwCleaner, then MBAM and then CCleaner as well. In CCleaner there were no rows under System Restore (probably because I don't have it turned on in Windows).

My HDD is split into C and D. On C I have Program Files, Windows, etc. -- system stuff, and on D I have data. Even before I started doing this, I noticed that on D I have a folder named 266f42523c460f4ba33c49ac471afc. It is about 7 MB and contains more folders and files. When I click setup.exe in it, the Software Update Installation Wizard for KB2804576 starts. I don't know exactly what it is; I only know that it wasn't there before. Can I delete that folder? Or what should I do with it?

Here are the logs:

# AdwCleaner v2.301 - Log vytvooen 30/05/2013 v 11:22:43
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Uživatel - KP-ADAPTECH_LCH
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Uživatel\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\Uživatel\Data aplikací\Media Finder
Složka Vymazáno : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Složka Vymazáno : C:\Documents and Settings\Uživatel\Data aplikací\SwvUpdater
Složka Vymazáno : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\MediaFinder
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\MF
Klíe Vymazáno : HKLM\Software\GamePlayLabs
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Klíe Vymazáno : HKLM\Software\PIP

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v6.0.2900.5512

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.certified-toolbar.com?si=43251&st=newtab&tid=3623&ver=2.9&ts=1368121152156&tguid=43251-3623-1368121152156-78029B6D6FC1677B2EE2E3BD031B0882 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\qmvaj8rr.default-1368174085859\prefs.js

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\Uživatel\Data aplikací\Opera\Opera\operaprefs.ini

Vymazáno : Home URL=hxxp://start.icq.com/

*************************

AdwCleaner[S1].txt - [4218 octets] - [30/05/2013 11:22:43]

########## EOF - C:\AdwCleaner[S1].txt - [4278 octets] ##########



Logfile of random's system information tool 1.06 (written by random/random)
Run by Uživatel at 2013-05-29 23:43:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (3%) free of 51 GB
Total RAM: 2031 MB (61% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}]
Help the General-Search Project - C:\DOCUME~1\UIVATE~1\DATAAP~1\MEDIAF~1\EXTENS~1\GENCRA~1.DLL [2012-08-24 437376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-16 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-16 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-16 131072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-03-16 868352]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ERGOM DayOrganizer"=C:\Program Files\Ergom\DayOrganizer\dayorganizer.exe /automat []
"Kalendar"=C:\Program Files\Kalendar\kalendar.exe []
"Media Finder"=C:\Program Files\Media Finder\Media Finder.exe /opentotray []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-13 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE"="C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE:*:Enabled:Client Activator"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eaa35ea-92fc-11de-b373-001a9223f710}]
shell\Auto\command - setup.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe


======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-05-29 23:43:55 ----D---- C:\Program Files\trend micro
2013-05-29 23:43:48 ----D---- C:\rsit
2013-05-29 20:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2829530$
2013-05-29 19:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-29 19:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files\Skype
2013-05-10 10:24:27 ----D---- C:\Program Files\Mozilla Firefox
2013-05-09 15:17:18 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\vlc
2013-05-06 10:00:01 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PCToolsFirewallPlus
2013-05-06 09:58:23 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-05-06 09:58:21 ----D---- C:\Program Files\Common Files\PC Tools
2013-05-06 09:57:58 ----D---- C:\Program Files\PC Tools Firewall Plus
2013-05-05 15:52:29 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\eM Client
2013-05-05 15:51:50 ----D---- C:\Program Files\eM Client
2013-05-05 13:32:04 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org
2013-05-05 12:56:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-05-05 12:54:23 ----D---- C:\Program Files\Microsoft Security Client
2013-05-05 11:23:01 ----A---- C:\WINDOWS\OEWABLog.txt
2013-05-03 19:26:51 ----A---- C:\WINDOWS\thtitanc.INI
2013-05-03 19:08:55 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\HoolappForAndroid

======List of files/folders modified in the last 1 months======

2013-05-29 23:43:55 ----RD---- C:\Program Files
2013-05-29 23:34:48 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-29 23:34:45 ----RSD---- C:\WINDOWS\assembly
2013-05-29 23:18:52 ----D---- C:\WINDOWS\temp
2013-05-29 23:14:13 ----D---- C:\WINDOWS\Prefetch
2013-05-29 23:13:55 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-29 23:11:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-29 22:32:04 ----D---- C:\WINDOWS
2013-05-29 22:30:17 ----D---- C:\WINDOWS\system32
2013-05-29 20:58:25 ----SHD---- C:\WINDOWS\Installer
2013-05-29 20:58:25 ----SHD---- C:\Config.Msi
2013-05-29 20:58:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-29 20:57:33 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-29 20:57:25 ----D---- C:\WINDOWS\WinSxS
2013-05-29 20:55:46 ----HD---- C:\WINDOWS\inf
2013-05-29 20:55:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-29 19:31:56 ----A---- C:\WINDOWS\imsins.BAK
2013-05-29 19:31:51 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-29 19:29:21 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-29 18:26:33 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-23 21:20:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-05-19 17:00:34 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-19 17:00:28 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-05-11 12:15:09 ----D---- C:\WINDOWS\Minidump
2013-05-10 13:26:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-10 13:26:02 ----RD---- C:\Program Files\Skype
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files
2013-05-09 19:41:25 ----SD---- C:\WINDOWS\Tasks
2013-05-06 10:16:14 ----AC---- C:\WINDOWS\ntbtlog.txt
2013-05-06 09:58:38 ----D---- C:\WINDOWS\system32\drivers
2013-05-05 19:39:44 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
2013-05-05 13:39:46 ----RSD---- C:\WINDOWS\Fonts
2013-05-05 13:00:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-05-05 12:54:32 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-05-05 12:35:15 ----SHD---- C:\RECYCLER
2013-05-05 11:25:46 ----D---- C:\WINDOWS\system32\appmgmt
2013-05-05 11:25:45 ----D---- C:\Documents and Settings
2013-05-05 11:23:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2013-05-05 11:23:36 ----HD---- C:\Program Files\InstallShield Installation Information
2013-05-05 11:12:51 ----A---- C:\WINDOWS\system.ini
2013-05-05 11:01:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2013-05-03 19:31:03 ----AC---- C:\WINDOWS\CONTEXT.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-05-18 304640]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-05-18 94848]
R3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-13 2155520]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 hlwinnt;hlwinnt; \??\C:\WINDOWS\system32\hlwinnt.sys []
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ASFWHide []
S3 AVerAF35;AVerMedia A825 USB Dual DVB-T; C:\WINDOWS\System32\Drivers\AVerAF35.sys [2009-05-26 485888]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys [2008-01-15 257024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-10-30 44416]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
S3 LVHybrid;LVHybrid service; C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-08-26 660992]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
S3 Pfc;Padus ASPI Shell; \??\C:\WINDOWS\system32\drivers\pfc.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 DolBoot;DolBoot; \??\C:\WINDOWS\system32\dolboot.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-13 483328]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-18 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-19 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-05-30 572416]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Joined: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Slow Windows startup, badly uninstalled Kerio

#4 Post by cernohous13 »

:shock: What use is an old RSIT log to me? Run by Uživatel at 2013-05-29 23:43:48

:arrow: you can delete the folder on D:

:???: Did you let MBAM remove everything it found?

:arrow: post a current RSIT log
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described in it.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

netman
Warning Level 1
Posts: 194
Joined: 09 Apr 2006 23:05

Re: Slow Windows startup, badly uninstalled Kerio

#5 Post by netman »

For the MBAM scan it reported no infection.
The folder on D: cannot be deleted - it says that some file eula.rtf cannot be removed.

Here is the current RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Uživatel at 2013-05-30 14:28:52
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (10%) free of 51 GB
Total RAM: 2031 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-16 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-16 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-16 131072]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-03-16 868352]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-02-18 774168]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-13 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE"="C:\Program Files\Freedom Scientific\Activator\1.1\FSACTIVATE.EXE:*:Enabled:Client Activator"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eaa35ea-92fc-11de-b373-001a9223f710}]
shell\Auto\command - setup.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe


======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-05-30 12:38:53 ----D---- C:\Program Files\CCleaner
2013-05-30 11:27:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-05-30 11:22:43 ----A---- C:\AdwCleaner[S1].txt
2013-05-29 23:43:55 ----D---- C:\Program Files\trend micro
2013-05-29 23:43:48 ----D---- C:\rsit
2013-05-29 20:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2829530$
2013-05-29 19:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-29 19:29:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files\Skype
2013-05-10 10:24:27 ----D---- C:\Program Files\Mozilla Firefox
2013-05-09 15:17:18 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\vlc
2013-05-06 10:00:01 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PCToolsFirewallPlus
2013-05-06 09:58:23 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-05-06 09:58:21 ----D---- C:\Program Files\Common Files\PC Tools
2013-05-06 09:57:58 ----D---- C:\Program Files\PC Tools Firewall Plus
2013-05-05 15:52:29 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\eM Client
2013-05-05 15:51:50 ----D---- C:\Program Files\eM Client
2013-05-05 13:32:04 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\OpenOffice.org
2013-05-05 12:56:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-05-05 12:54:23 ----D---- C:\Program Files\Microsoft Security Client
2013-05-03 19:26:51 ----A---- C:\WINDOWS\thtitanc.INI
2013-05-03 19:08:55 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\HoolappForAndroid

======List of files/folders modified in the last 1 months======

2013-05-30 14:09:23 ----D---- C:\WINDOWS\temp
2013-05-30 14:04:20 ----D---- C:\WINDOWS
2013-05-30 14:03:15 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-30 14:02:39 ----D---- C:\WINDOWS\Minidump
2013-05-30 13:59:26 ----RSD---- C:\WINDOWS\assembly
2013-05-30 13:09:59 ----D---- C:\Program Files\Winamp
2013-05-30 12:41:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-05-30 12:41:38 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent
2013-05-30 12:41:38 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2013-05-30 12:41:18 ----D---- C:\WINDOWS\Logs
2013-05-30 12:41:18 ----D---- C:\WINDOWS\Debug
2013-05-30 12:38:53 ----RD---- C:\Program Files
2013-05-30 11:41:31 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-30 11:29:15 ----D---- C:\WINDOWS\system32\drivers
2013-05-30 11:28:30 ----D---- C:\WINDOWS\Prefetch
2013-05-30 11:23:17 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-05-29 22:30:17 ----D---- C:\WINDOWS\system32
2013-05-29 20:58:25 ----SHD---- C:\WINDOWS\Installer
2013-05-29 20:58:25 ----SHD---- C:\Config.Msi
2013-05-29 20:58:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-29 20:57:33 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-29 20:57:25 ----D---- C:\WINDOWS\WinSxS
2013-05-29 20:55:46 ----HD---- C:\WINDOWS\inf
2013-05-29 20:55:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-29 19:31:51 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-29 19:29:21 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-29 18:26:33 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-19 17:00:34 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-19 17:00:28 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-05-10 13:26:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-10 13:26:02 ----RD---- C:\Program Files\Skype
2013-05-10 13:26:02 ----D---- C:\Program Files\Common Files
2013-05-09 19:41:25 ----SD---- C:\WINDOWS\Tasks
2013-05-05 19:39:44 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
2013-05-05 13:39:46 ----RSD---- C:\WINDOWS\Fonts
2013-05-05 13:00:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-05-05 12:54:32 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-05-05 12:35:15 ----SHD---- C:\RECYCLER
2013-05-05 11:25:46 ----D---- C:\WINDOWS\system32\appmgmt
2013-05-05 11:25:45 ----D---- C:\Documents and Settings
2013-05-05 11:23:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2013-05-05 11:23:36 ----HD---- C:\Program Files\InstallShield Installation Information
2013-05-05 11:12:51 ----A---- C:\WINDOWS\system.ini
2013-05-05 11:01:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2013-05-03 19:31:03 ----AC---- C:\WINDOWS\CONTEXT.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-05-18 304640]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-05-18 94848]
R3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-13 2155520]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 hlwinnt;hlwinnt; \??\C:\WINDOWS\system32\hlwinnt.sys []
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ASFWHide []
S3 AVerAF35;AVerMedia A825 USB Dual DVB-T; C:\WINDOWS\System32\Drivers\AVerAF35.sys [2009-05-26 485888]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\WINDOWS\system32\drivers\AVerFx2hbtv.sys [2008-01-15 257024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-10-30 44416]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
S3 LVHybrid;LVHybrid service; C:\WINDOWS\system32\DRIVERS\LVHybrid.sys [2005-08-26 660992]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pctvvbi;PCTVVBI; C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2002-11-11 6400]
S3 Pfc;Padus ASPI Shell; \??\C:\WINDOWS\system32\drivers\pfc.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 DolBoot;DolBoot; \??\C:\WINDOWS\system32\dolboot.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-13 483328]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-18 153376]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-19 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-06 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-05-30 572416]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Slow Windows startup, badly uninstalled Kerio

#6 Post by cernohous13 »

Download OTM from one of the links and unpack it, preferably to the desktop.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Run the program "OTM.exe" (on Vista and Win7: right-click and "Run As Administrator").
Paste the entire green text from the "Script" into the window below the yellow line.

Click the red "Moveit!".

When offered a restart, choose "YES",
and you will then find the log in C:\_OTM\MovedFiles\ - post it here for me to check.
OTM script

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\AVG
C:\AdwCleaner[S1].txt
C:\WINDOWS\system32\drivers\SbFw.sys
C:\WINDOWS\system32\drivers\sbhips.sys
C:\WINDOWS\system32\DRIVERS\sbfwim.sys

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"KernelFaultCheck"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"=-
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eaa35ea-92fc-11de-b373-001a9223f710}]

:Services
SbFw
sbhips
SBFWIMCL
hlwinnt
ASFWHide
catchme
JavaQuickStarterService

After the restart, reinstall the FW and AV and write how the PC behaves.
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure as described.
If anything is unclear, ask - I will explain.

netman

Re: Slow Windows startup, badly uninstalled Kerio

#7 Post by netman »

Edit: So in Settings - Network Connections - Local Area Connection - Properties I uninstalled the Sunbelt Software Firewall, and suddenly the internet connection works!!
Apparently the firewalls were somehow interfering with each other there. Now I only have the PC Tools Firewall Driver there.


After that last step with OTM and the subsequent restart of the PC, my internet connection stopped working. No packets at all, neither sent nor received, in the Network Connection. :cry: Luckily the Wi-Fi from the modem works - I am writing from a notebook, otherwise I would be completely done for. Please, how do I put it back so that at least the internet connection works??? I have not reinstalled the FW and AV yet.
Here is the log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65716 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 121024 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Uživatel
->Temp folder emptied: 91922280 bytes
->Temporary Internet Files folder emptied: 184100 bytes
->Java cache emptied: 7546491 bytes
->FireFox cache emptied: 12947472 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2076 bytes

User: U�ivatel

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49675 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 95089906 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 198,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Uživatel
->Flash cache emptied: 0 bytes

User: U�ivatel

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Uživatel
->Java cache emptied: 0 bytes

User: U�ivatel

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP131.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP133.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP284.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP425.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP447.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP467.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP66.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP758.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI174.tmp moved successfully.
C:\WINDOWS\Installer\MSI2B0.tmp moved successfully.
C:\WINDOWS\Installer\MSI561.tmp moved successfully.
C:\WINDOWS\Installer\MSI569.tmp moved successfully.
C:\WINDOWS\Installer\MSI580.tmp moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Program Files\AVG not found.
C:\AdwCleaner[S1].txt moved successfully.
C:\WINDOWS\system32\drivers\SbFw.sys moved successfully.
C:\WINDOWS\system32\drivers\sbhips.sys moved successfully.
C:\WINDOWS\system32\DRIVERS\SbFwIm.sys moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\AVG\AVG2012\avgmfapx.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\AVG\AVG2013\avgmfapx.exe deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9eaa35ea-92fc-11de-b373-001a9223f710}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9eaa35ea-92fc-11de-b373-001a9223f710}\ not found.
========== SERVICES/DRIVERS ==========
Error: Unable to stop service SbFw!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw deleted successfully.
Service sbhips stopped successfully!
Service sbhips deleted successfully!
Error: Unable to stop service SBFWIMCL!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL deleted successfully.
Service hlwinnt stopped successfully!
Service hlwinnt deleted successfully!
Service ASFWHide stopped successfully!
Service ASFWHide deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 05302013_155136

Files moved on Reboot...

Registry entries deleted on Reboot...

cernohous13

Re: Slow Windows startup, badly uninstalled Kerio

#8 Post by cernohous13 »

Start -> Run... - enter devmgmt.msc -> OK
check "Network adapters" - no yellow warning?

netman

Re: Slow Windows startup, badly uninstalled Kerio

#9 Post by netman »

No, the network adapters are fine and the internet connection seems to be OK too.

But Sunbelt Personal Firewall is still listed in Add or Remove Programs. When I click Uninstall, it looks for a moment as if it starts uninstalling, but then a message pops up saying it could not find some file in C:/Documents and Settings ...
In Security Center - Firewall it tells me that at least one firewall is installed on the computer. I know that when I had Kerio, it was listed there directly.

The folder on D: related to that update, apparently Microsoft NET Framework 4.0, is still there and cannot be deleted in normal mode.

And another possibly suspicious thing is the file C:/cookies.sglite - that was not there before either - it is 0 bytes.

cernohous13

Re: Slow Windows startup, badly uninstalled Kerio

#10 Post by cernohous13 »

Download "System Look" - http://jpshortstuff.247fixes.com/SystemLook.exe
Run it and copy the following into its window:

:filefind
*Sunbelt*
*Kerio*
:regfind
Sunbelt
Kerio

Click "Look" and after the scan copy the search results here.

netman

Re: Slow Windows startup, badly uninstalled Kerio

#11 Post by netman »

SystemLook 30.07.11 by jpshortstuff
Log created at 17:55 on 30/05/2013 by Uživatel
Administrator - Elevation successful

========== filefind ==========

Searching for "*Sunbelt*"
No files found.

Searching for "*Kerio*"
No files found.

========== regfind ==========

Searching for "Sunbelt"
[HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
"ProductName"="Sunbelt Personal Firewall"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[HKEY_CURRENT_USER\Software\Sunbelt Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"HelpLink"="http://www.sunbelt-software.com/support-HomeOffice.cfm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"InstallLocation"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"Publisher"="Sunbelt Software"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLInfoAbout"="http://www.sunbelt-software.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLUpdateInfo"="http://www.sunbelt-software.com/Kerio.cfm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"DisplayName"="Sunbelt Personal Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
"InstallRoot"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall]
"ExtendPATH"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall]
"InstallPath"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"TraceFile"="C:\Program Files\Sunbelt Software\Personal Firewall 4\logs\khips.log"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"ImagePath"=""C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0015]
"ProviderName"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0015]
"DriverDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0016]
"ProviderName"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0016]
"DriverDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"Sunbelt Software Firewall NDIS IM Filter Miniport"="1 2"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{AA4C2747-6627-4594-AD20-382C6C62AE83}]
"Description"="Sunbelt Software Firewall NDIS IM Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{AA4C2747-6627-4594-AD20-382C6C62AE83}\Ndi]
"HelpText"="Sunbelt Software Firewall NDIS IM Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"Mfg"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"DeviceDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"FriendlyName"="Intel(R) 82566DM Gigabit Network Connection - Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"FriendlyName"="WAN Miniport (IP) - Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"Mfg"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"DeviceDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
"ProductName"="Sunbelt Personal Firewall"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Sunbelt Software]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"

Searching for "Kerio"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software\Kerio Personal Firewall 4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLUpdateInfo"="http://www.sunbelt-software.com/Kerio.cfm"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"DisplayName"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_USERS\.DEFAULT\Software\Kerio]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software\Kerio Personal Firewall 4]
[HKEY_USERS\S-1-5-18\Software\Kerio]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"

-= EOF =-

cernohous13

Re: Slow Windows startup, badly uninstalled Kerio

#12 Post by cernohous13 »

Let's try cleaning the registry.
Download Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
During installation, untick "Install Yahoo! Toolbar".

Close the web browser and
run "Cleaner" > "Run Ccleaner" - it removes what is not needed
run "Registry" > "Scan for Issues" > "Fix selected issues"
agree to the registry backup - repeat until the registry is clean.

Guide: http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx
You can keep it for occasional cleaning in the future as well.

Repeat SystemLook with the previous input.

netman

Re: Slow Windows startup, badly uninstalled Kerio

#13 Post by netman »

So Ccleaner no longer finds anything. Both in the cleaner and in the registry it showed that everything is clean.

So the log will probably be the same. It's a mystery.

SystemLook 30.07.11 by jpshortstuff
Log created at 18:28 on 30/05/2013 by Uživatel
Administrator - Elevation successful

========== filefind ==========

Searching for "*Sunbelt*"
No files found.

Searching for "*Kerio*"
No files found.

========== regfind ==========

Searching for "Sunbelt"
[HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
"ProductName"="Sunbelt Personal Firewall"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[HKEY_CURRENT_USER\Software\Sunbelt Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"HelpLink"="http://www.sunbelt-software.com/support-HomeOffice.cfm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"InstallLocation"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"Publisher"="Sunbelt Software"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLInfoAbout"="http://www.sunbelt-software.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLUpdateInfo"="http://www.sunbelt-software.com/Kerio.cfm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"DisplayName"="Sunbelt Personal Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
"InstallRoot"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall]
"ExtendPATH"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall]
"InstallPath"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"TraceFile"="C:\Program Files\Sunbelt Software\Personal Firewall 4\logs\khips.log"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"ImagePath"=""C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0015]
"ProviderName"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0015]
"DriverDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0016]
"ProviderName"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0016]
"DriverDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions]
"Sunbelt Software Firewall NDIS IM Filter Miniport"="1 2"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{AA4C2747-6627-4594-AD20-382C6C62AE83}]
"Description"="Sunbelt Software Firewall NDIS IM Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{AA4C2747-6627-4594-AD20-382C6C62AE83}\Ndi]
"HelpText"="Sunbelt Software Firewall NDIS IM Filter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"Mfg"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"DeviceDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0000]
"FriendlyName"="Intel(R) 82566DM Gigabit Network Connection - Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"FriendlyName"="WAN Miniport (IP) - Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"Mfg"="Sunbelt Software, Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\SB_SBFWIMCLMP\0001]
"DeviceDesc"="Sunbelt Software Firewall NDIS IM Filter Miniport"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
"ProductName"="Sunbelt Personal Firewall"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Sunbelt Software]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"

Searching for "Kerio"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software\Kerio Personal Firewall 4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
"URLUpdateInfo"="http://www.sunbelt-software.com/Kerio.cfm"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"DisplayName"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_USERS\.DEFAULT\Software\Kerio]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software\Kerio Personal Firewall 4]
[HKEY_USERS\S-1-5-18\Software\Kerio]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"="Sunbelt Kerio Personal Firewall 4 - GUI"

-= EOF =-

cernohous13
VIP in memoriam
Posts: 8721
Joined: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Slow Windows startup, badly uninstalled Kerio

#14 Post by cernohous13 »

That Kerio was not uninstalled, only deleted :shock:

New script for OTM

Code:

:reg
[-HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[-HKEY_CURRENT_USER\Software\Sunbelt Software]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{82B1150E-9B37-49FC-83EB-D52197D900D0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"=-
[HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Installer\Products\E0511B2873B9CF9438BE5D12799D000D]
"ProductName"=-
[-HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software]
[-HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Sunbelt Software]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_KHIPS\0000]
[-HKEY_USERS\.DEFAULT\Software\Kerio]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
[-HKEY_USERS\S-1-5-21-2349408839-3629286800-3151588910-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Sunbelt Software\Kerio Personal Firewall 4]
[-HKEY_USERS\S-1-5-18\Software\Kerio]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]

:commands
[reboot]

:arrow: and then SystemLook again

netman
Warning level 1
Posts: 194
Joined: 09 Apr 2006 23:05

Re: Slow Windows startup, badly uninstalled Kerio

#15 Post by netman »

So I ran it through OTM again with that parameter

and SystemLook with:
:filefind
*Sunbelt*
*Kerio*
:regfind
Sunbelt
Kerio

is here:

Otherwise I notice that whenever Windows starts, after a restart or a normal power-on, it takes quite a long time before I can move the mouse over the taskbar or the system tray, the Start button, etc. The hourglass is always shown there for quite a long time. First Microsoft Security Essentials starts, and then Local Area Connection. Other icons, such as the firewall, which used to start, do not appear in the system tray...

SystemLook 30.07.11 by jpshortstuff
Log created at 20:57 on 30/05/2013 by Uživatel
Administrator - Elevation successful

========== filefind ==========

Searching for "*Sunbelt*"
No files found.

Searching for "*Kerio*"
No files found.

========== regfind ==========

Searching for "Sunbelt"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"TraceFile"="C:\Program Files\Sunbelt Software\Personal Firewall 4\logs\khips.log"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"ImagePath"=""C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"

Searching for "Kerio"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KHIPS\0000]
"DeviceDesc"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KPF4\0000]
"DeviceDesc"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\khips]
"DisplayName"="Kerio HIPS Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"

-= EOF =-
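
Added example (not part of the thread and not a SystemLook or OTM feature): a small Python parser for the regfind section of a SystemLook log like the ones above. It merges repeated hits per key and groups the keys by location, so leftovers in a numbered ControlSetNNN can be told apart from the active configuration. The sample log is constructed from the kind of entries shown in the thread; the function names and category labels are assumptions of this example.

```python
import re

# Constructed sample in SystemLook regfind format (entries of the kind shown in the thread).
SAMPLE_LOG = r'''
Searching for "Sunbelt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software]
"InstallRoot"="C:\Program Files\Sunbelt Software\Personal Firewall\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"DisplayName"="Sunbelt Kerio Personal Firewall 4"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000]
"DeviceDesc"="Sunbelt Personal Firewall 4"
Searching for "Kerio"
[HKEY_USERS\S-1-5-18\Software\Kerio]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KPF4]
"Description"="Sunbelt Kerio Personal Firewall Engine"
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')  # [HKEY_...\key]
VALUE_RE = re.compile(r'^"(.+?)"=')           # "ValueName"=data

def parse_regfind(log):
    """Return {key: set of value names}; repeated hits for a key are merged."""
    hits, current = {}, None
    for line in map(str.strip, log.splitlines()):
        key, value = KEY_RE.match(line), VALUE_RE.match(line)
        if key:
            current = key.group(1)
            hits.setdefault(current, set())  # key-name-only hits carry no value
        elif value and current:
            hits[current].add(value.group(1))
    return hits

def classify(key):
    rel = key.upper()
    if rel.startswith("HKEY_LOCAL_MACHINE\\SYSTEM\\CURRENTCONTROLSET\\"):
        return "active control set"  # link to one of the ControlSetNNN keys
    if re.match(r"HKEY_LOCAL_MACHINE\\SYSTEM\\CONTROLSET\d{3}\\", rel):
        return "numbered control set"  # which one is current: HKLM\SYSTEM\Select
    if rel.startswith(("HKEY_USERS\\", "HKEY_CURRENT_USER\\")):
        return "per-user"
    return "machine-wide software"

def summarize(log):
    groups = {}
    for key in sorted(parse_regfind(log)):
        groups.setdefault(classify(key), []).append(key)
    return groups

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```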

Locked