
Please check my log, PC freezes
Hello,
I tried on my own to scan the PC with various antivirus programs, but it still freezes at logon, or sometimes before or after logon; it often takes 5 restarts before logon succeeds.
Most recently, in safe mode, I ran a scan without repair using TDSSKiller and cleaned the PC and the registry with CCleaner.
After a normal boot, this window appeared:
"Systém Windows nemůže nalézt 63D4B5DD-0990-43E6-937E-1F8E8FCC221E.exe" ("Windows cannot find 63D4B5DD-0990-43E6-937E-1F8E8FCC221E.exe") - I did not find any such name in the registry.
Is it possible that something did get removed after all?
I only just now tried installing MBAM; normally the PC has only ESET.
Some time ago, on a PC that behaved the same way and on which I had also tried everything possible, they worked out from some log that there was apparently a rootkit posing as an Intel disk driver. This machine also has an Intel board ...
Here is the RSIT log; I would be very grateful if you could check it.
Logfile of random's system information tool 1.09 (written by random/random)
Run by ls at 2013-08-06 09:59:55
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 86 GB (86%) free of 100 GB
Total RAM: 1015 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00:02, on 6.8.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Altap Salamander 2.5\salamand.exe
C:\WINDOWS\regedit.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\INSTALL\Antiviry\RSIT.exe
C:\Program Files\trend micro\ls.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Salamander 2.52.lnk = C:\Program Files\Altap Salamander 2.5\salamand.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://danaher.webex.com/client/WBXcli ... eatgpc.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BDal LibrarySearch Service (BDal LibrarySearch) - Bruker Daltonik GmbH - C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 5078 bytes
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ls\Data aplikací\Mozilla\Firefox\Profiles\fl4bsm4q.default
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@macromedia.com/FlashPlayer10]
"Description"=Adobe Flash Player 10.0
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-25 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-25 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NWEReboot"= []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-02-26 16125440]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-01-13 131072]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe [2013-06-12 814472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Salamander 2.52.lnk - C:\Program Files\Altap Salamander 2.5\salamand.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-01-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\20592176.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\30125378.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40569881.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\51511600.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\20592176.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\30125378.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\40569881.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\51511600.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-08-06 09:17:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-08-06 09:17:34 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-08-06 09:14:23 ----A---- C:\TDSSKiller.2.8.18.0_06.08.2013_09.14.23_log.txt
2013-08-06 09:10:09 ----A---- C:\TDSSKiller.2.8.18.0_06.08.2013_09.10.09_log.txt
2013-08-06 08:59:58 ----A---- C:\AdwCleaner[R11].txt
2013-08-01 14:45:20 ----A---- C:\TDSSKiller.2.8.16.0_01.08.2013_14.45.20_log.txt
2013-08-01 14:43:13 ----A---- C:\TDSSKiller.2.8.16.0_01.08.2013_14.43.13_log.txt
2013-08-01 14:42:30 ----A---- C:\AdwCleaner[R10].txt
2013-08-01 14:30:33 ----A---- C:\AdwCleaner[R9].txt
2013-08-01 14:26:56 ----A---- C:\WINDOWS\ntbtlog.txt
2013-08-01 14:21:47 ----A---- C:\AdwCleaner[S4].txt
2013-08-01 14:21:08 ----A---- C:\AdwCleaner[R8].txt
2013-08-01 12:29:47 ----A---- C:\WINDOWS\OEWABLog.txt
2013-08-01 12:27:40 ----D---- C:\0_SMAZAT
2013-07-22 14:13:50 ----D---- C:\Program Files\Adobe
2013-07-08 15:53:12 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-08-06 10:00:02 ----D---- C:\WINDOWS\Prefetch
2013-08-06 09:59:59 ----D---- C:\Program Files\trend micro
2013-08-06 09:45:35 ----D---- C:\WINDOWS\Temp
2013-08-06 09:45:35 ----D---- C:\Program Files\Bruker Daltonik
2013-08-06 09:45:27 ----SHD---- C:\WINDOWS\Installer
2013-08-06 09:18:24 ----D---- C:\WINDOWS\system32\drivers
2013-08-06 09:17:34 ----RD---- C:\Program Files
2013-08-06 09:14:34 ----D---- C:\WINDOWS\system32\CatRoot2
2013-08-06 09:05:28 ----D---- C:\WINDOWS\system32
2013-08-06 08:56:55 ----D---- C:\Program Files\CCleaner
2013-08-06 08:53:59 ----SHD---- C:\RECYCLER
2013-08-02 12:41:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-01 14:26:56 ----D---- C:\WINDOWS
2013-08-01 14:10:50 ----D---- C:\Documents and Settings
2013-07-22 14:14:06 ----D---- C:\Program Files\Common Files\Adobe
2013-07-22 14:14:00 ----D---- C:\WINDOWS\WinSxS
2013-07-22 14:13:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-07-11 10:55:58 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2013-07-08 15:58:02 ----D---- C:\Program Files\Mozilla Maintenance Service
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-02-14 62512]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-01-10 150080]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-10-31 165760]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-01-10 40376]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-13 5672032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-01 4484608]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
S3 TrueSight;TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BDal LibrarySearch;BDal LibrarySearch Service; C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe [2009-01-13 176640]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-25 182184]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-08 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
S3 TrueSight;TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BDal LibrarySearch;BDal LibrarySearch Service; C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe [2009-01-13 176640]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-25 182184]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-08 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Re: please check my log, PC freezes
and in case it is needed, I have also created a log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by ls (administrator) on 06-08-2013 10:10:08
Running from C:\
Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 6
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16125440 2007-02-26] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin [814472 2013-06-12] (Adobe Systems Incorporated)
HKU\Zbyněk Zdráhal\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2004-08-17] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Salamander 2.52.lnk
ShortcutTarget: Salamander 2.52.lnk -> C:\Program Files\Altap Salamander 2.5\salamand.exe (ALTAP)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/s ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://danaher.webex.com/client/WBXcli ... eatgpc.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 147.251.4.33 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Documents and Settings\ls\Data aplikací\Mozilla\Firefox\Profiles\fl4bsm4q.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @macromedia.com/FlashPlayer10 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Docs) - C:\DOCUME~1\ls\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\DOCUME~1\ls\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\DOCUME~1\ls\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\ls\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\DOCUME~1\ls\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
S2 BDal LibrarySearch; C:\Program Files\Common Files\Bruker Daltonik\NTDS\bin\DCOMLibraryService.exe [176640 2009-01-13] (Bruker Daltonik GmbH)
S2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [161368 2013-01-10] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
S2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
S3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [40376 2013-01-10] (ESET)
S1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [62512 2013-02-14] (ESET)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows (R) Server 2003 DDK provider)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2006-03-02] ()
U3 TrueSight; \??\C:\WINDOWS\system32\TrueSight.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-06 10:09 - 2013-08-06 10:09 - 00000000 ____D C:\FRST
2013-08-06 10:04 - 2013-08-06 10:03 - 01228808 _____ (Farbar) C:\FRST.exe
2013-08-06 09:17 - 2013-08-06 09:17 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-06 09:17 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-06 08:59 - 2013-08-06 09:00 - 00001536 _____ C:\AdwCleaner[R11].txt
2013-08-01 14:42 - 2013-08-01 14:42 - 00001937 _____ C:\AdwCleaner[R10].txt
2013-08-01 14:41 - 2013-08-01 14:41 - 00001455 _____ C:\Documents and Settings\ls\Plocha\RKreport[0]_S_08012013_144159.txt
2013-08-01 14:30 - 2013-08-01 14:30 - 00001880 _____ C:\AdwCleaner[R9].txt
2013-08-01 14:30 - 2013-08-01 14:30 - 00001425 _____ C:\Documents and Settings\ls\Plocha\RKreport[0]_S_08012013_143001.txt
2013-08-01 14:21 - 2013-08-01 14:22 - 00001859 _____ C:\AdwCleaner[S4].txt
2013-08-01 14:21 - 2013-08-01 14:21 - 00001801 _____ C:\AdwCleaner[R8].txt
2013-08-01 14:10 - 2013-08-01 14:11 - 00000178 ___SH C:\Documents and Settings\zbynek\ntuser.ini
2013-08-01 14:10 - 2013-08-01 14:11 - 00000000 __RHD C:\Documents and Settings\zbynek\Data aplikací
2013-08-01 14:10 - 2013-08-01 14:11 - 00000000 ___RD C:\Documents and Settings\zbynek\Oblíbené položky
2013-08-01 14:10 - 2013-08-01 14:11 - 00000000 ___RD C:\Documents and Settings\zbynek\Dokumenty
2013-08-01 14:10 - 2013-08-01 14:11 - 00000000 ___HD C:\Documents and Settings\zbynek\Local Settings\Data aplikací
2013-08-01 14:10 - 2013-08-01 14:10 - 00000000 ____D C:\Documents and Settings\zbynek
2013-08-01 14:10 - 2008-05-06 16:54 - 00000000 ___RD C:\Documents and Settings\zbynek\Nabídka Start
2013-08-01 14:10 - 2008-05-06 16:54 - 00000000 ___HD C:\Documents and Settings\zbynek\Okolní tiskárny
2013-08-01 14:10 - 2008-05-06 16:54 - 00000000 ___HD C:\Documents and Settings\zbynek\Okolní síť
2013-08-01 14:10 - 2008-05-06 16:54 - 00000000 ____D C:\Documents and Settings\zbynek\Plocha
2013-08-01 14:10 - 2008-05-06 15:11 - 00000000 ___HD C:\Documents and Settings\zbynek\Šablony
2013-08-01 12:29 - 2013-08-01 14:11 - 00000788 _____ C:\WINDOWS\wmsetup.log
2013-08-01 12:27 - 2013-08-01 14:07 - 00000000 ____D C:\0_SMAZAT
2013-07-22 14:13 - 2013-07-22 14:13 - 00000000 ____D C:\Program Files\Adobe
2013-07-08 15:53 - 2013-07-08 15:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2013-08-06 10:09 - 2013-08-06 10:09 - 00000000 ____D C:\FRST
2013-08-06 10:06 - 2013-06-14 10:01 - 00000178 ___SH C:\Documents and Settings\ls\ntuser.ini
2013-08-06 10:06 - 2008-05-06 15:39 - 00032548 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-06 10:06 - 2008-05-06 15:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-06 10:06 - 2008-05-06 15:13 - 00505515 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-06 10:03 - 2013-08-06 10:04 - 01228808 _____ (Farbar) C:\FRST.exe
2013-08-06 09:59 - 2013-06-14 12:33 - 00000000 ____D C:\Program Files\trend micro
2013-08-06 09:45 - 2013-06-26 10:42 - 00000000 ____D C:\Program Files\Bruker Daltonik
2013-08-06 09:45 - 2013-06-14 10:01 - 00000000 ____D C:\Documents and Settings\ls
2013-08-06 09:17 - 2013-08-06 09:17 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-06 09:17 - 2008-05-06 16:54 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-08-06 09:00 - 2013-08-06 08:59 - 00001536 _____ C:\AdwCleaner[R11].txt
2013-08-06 08:56 - 2013-06-14 11:50 - 00000000 ____D C:\Program Files\CCleaner
2013-08-06 08:53 - 2013-06-14 09:03 - 00000000 ____D C:\Documents and Settings\Administrator
2013-08-06 08:50 - 2006-03-02 14:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-02 12:41 - 2008-05-06 15:40 - 00000272 ___SH C:\Documents and Settings\Zbyněk Zdráhal\ntuser.ini
2013-08-02 07:01 - 2008-05-12 10:34 - 00001614 _____ C:\Documents and Settings\Zbyněk Zdráhal\intlname.ols
2013-08-01 14:42 - 2013-08-01 14:42 - 00001937 _____ C:\AdwCleaner[R10].txt
2013-08-01 14:41 - 2013-08-01 14:41 - 00001455 _____ C:\Documents and Settings\ls\Plocha\RKreport[0]_S_08012013_144159.txt
2013-08-01 14:41 - 2013-06-14 10:01 - 00000000 ____D C:\Documents and Settings\ls\Plocha
2013-08-01 14:30 - 2013-08-01 14:30 - 00001880 _____ C:\AdwCleaner[R9].txt
2013-08-01 14:30 - 2013-08-01 14:30 - 00001425 _____ C:\Documents and Settings\ls\Plocha\RKreport[0]_S_08012013_143001.txt
2013-08-01 14:22 - 2013-08-01 14:21 - 00001859 _____ C:\AdwCleaner[S4].txt
2013-08-01 14:21 - 2013-08-01 14:21 - 00001801 _____ C:\AdwCleaner[R8].txt
2013-08-01 14:11 - 2013-08-01 14:10 - 00000178 ___SH C:\Documents and Settings\zbynek\ntuser.ini
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 __RHD C:\Documents and Settings\zbynek\Data aplikací
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___RD C:\Documents and Settings\zbynek\Oblíbené položky
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___RD C:\Documents and Settings\zbynek\Dokumenty
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___HD C:\Documents and Settings\zbynek\Local Settings\Data aplikací
2013-08-01 14:11 - 2013-08-01 12:29 - 00000788 _____ C:\WINDOWS\wmsetup.log
2013-08-01 14:10 - 2013-08-01 14:10 - 00000000 ____D C:\Documents and Settings\zbynek
2013-08-01 14:07 - 2013-08-01 12:27 - 00000000 ____D C:\0_SMAZAT
2013-08-01 12:11 - 2008-05-06 15:40 - 00000000 ____D C:\Documents and Settings\Zbyněk Zdráhal
2013-07-22 14:14 - 2008-05-07 16:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-22 14:13 - 2013-07-22 14:13 - 00000000 ____D C:\Program Files\Adobe
2013-07-11 15:26 - 2013-06-18 15:52 - 00017592 _____ C:\WINDOWS\setupapi.log
2013-07-11 10:55 - 2008-07-24 08:12 - 00000151 _____ C:\WINDOWS\PhotoSnapViewer.INI
2013-07-08 15:58 - 2013-07-08 15:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-08 15:58 - 2013-06-14 13:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 1032704 ____A (Microsoft Corporation) 53114d57ab73a406ac7f602227781a99
C:\Windows\System32\winlogon.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0502272 ____A (Microsoft Corporation) 221c29ae1b4cc61d11d8b27de78b2307
C:\Windows\System32\svchost.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0014336 ____A (Microsoft Corporation) dfba2915b0bf58abb288cd4c9318cb3f
C:\Windows\System32\services.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0108544 ____A (Microsoft Corporation) 6e401e61f952fbbf708afbecefafae81
C:\Windows\System32\User32.dll
[2006-03-02 14:00] - [2006-03-02 14:00] - 0577024 ____A (Microsoft Corporation) 1b4ccc59980da34e75f20e42b283b027
C:\Windows\System32\userinit.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0024576 ____A (Microsoft Corporation) 836f7960362ff95c5d49e40b891f2cfc
C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2006-03-02 14:00] - 0052480 ____A (Microsoft Corporation) cd8cce067f7e9cbd762c00bdddecaa34
==================== End Of Log ============================
2013-08-01 14:41 - 2013-06-14 10:01 - 00000000 ____D C:\Documents and Settings\ls\Plocha
2013-08-01 14:30 - 2013-08-01 14:30 - 00001880 _____ C:\AdwCleaner[R9].txt
2013-08-01 14:30 - 2013-08-01 14:30 - 00001425 _____ C:\Documents and Settings\ls\Plocha\RKreport[0]_S_08012013_143001.txt
2013-08-01 14:22 - 2013-08-01 14:21 - 00001859 _____ C:\AdwCleaner[S4].txt
2013-08-01 14:21 - 2013-08-01 14:21 - 00001801 _____ C:\AdwCleaner[R8].txt
2013-08-01 14:11 - 2013-08-01 14:10 - 00000178 ___SH C:\Documents and Settings\zbynek\ntuser.ini
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 __RHD C:\Documents and Settings\zbynek\Data aplikací
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___RD C:\Documents and Settings\zbynek\Oblíbené položky
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___RD C:\Documents and Settings\zbynek\Dokumenty
2013-08-01 14:11 - 2013-08-01 14:10 - 00000000 ___HD C:\Documents and Settings\zbynek\Local Settings\Data aplikací
2013-08-01 14:11 - 2013-08-01 12:29 - 00000788 _____ C:\WINDOWS\wmsetup.log
2013-08-01 14:10 - 2013-08-01 14:10 - 00000000 ____D C:\Documents and Settings\zbynek
2013-08-01 14:07 - 2013-08-01 12:27 - 00000000 ____D C:\0_SMAZAT
2013-08-01 12:11 - 2008-05-06 15:40 - 00000000 ____D C:\Documents and Settings\Zbyněk Zdráhal
2013-07-22 14:14 - 2008-05-07 16:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-07-22 14:13 - 2013-07-22 14:13 - 00000000 ____D C:\Program Files\Adobe
2013-07-11 15:26 - 2013-06-18 15:52 - 00017592 _____ C:\WINDOWS\setupapi.log
2013-07-11 10:55 - 2008-07-24 08:12 - 00000151 _____ C:\WINDOWS\PhotoSnapViewer.INI
2013-07-08 15:58 - 2013-07-08 15:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-08 15:58 - 2013-06-14 13:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 1032704 ____A (Microsoft Corporation) 53114d57ab73a406ac7f602227781a99
C:\Windows\System32\winlogon.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0502272 ____A (Microsoft Corporation) 221c29ae1b4cc61d11d8b27de78b2307
C:\Windows\System32\svchost.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0014336 ____A (Microsoft Corporation) dfba2915b0bf58abb288cd4c9318cb3f
C:\Windows\System32\services.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0108544 ____A (Microsoft Corporation) 6e401e61f952fbbf708afbecefafae81
C:\Windows\System32\User32.dll
[2006-03-02 14:00] - [2006-03-02 14:00] - 0577024 ____A (Microsoft Corporation) 1b4ccc59980da34e75f20e42b283b027
C:\Windows\System32\userinit.exe
[2006-03-02 14:00] - [2006-03-02 14:00] - 0024576 ____A (Microsoft Corporation) 836f7960362ff95c5d49e40b891f2cfc
C:\Windows\System32\Drivers\volsnap.sys
[2006-03-02 14:00] - [2006-03-02 14:00] - 0052480 ____A (Microsoft Corporation) cd8cce067f7e9cbd762c00bdddecaa34
==================== End Of Log ============================
Re: please check the log, PC freezes
Hello
Do you have some problem with installing SP3 for XP (illegal Windows, error messages)? Without it the system is very vulnerable and may show errors...
Download TDSSQlook http://www.malwareinfo.nl/tools/TDSSQlook.exe



- Save it to the desktop and run it
- Choose option A and confirm with Enter
- After a moment a log is displayed; paste it here
Re: please check the log, PC freezes
SP3 shouldn't be a problem, Windows is legal, I can try installing it there.
Here is the log.
TDSSKiller Quarantine Information log
TDSS Qlook Version 1.0.0.5 - ls - Łt 06.08.2013 - 11:15:33,96.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 2
***** START SCAN Łt 06.08.2013 11:15:34,85 *****
---------- TDSSKiller logs ----------
TDSSKiller.2.8.16.0_01.08.2013_14.43.13_log.txt
TDSSKiller.2.8.16.0_01.08.2013_14.45.20_log.txt
TDSSKiller.2.8.16.0_14.06.2013_09.59.04_log.txt
TDSSKiller.2.8.16.0_14.06.2013_10.01.59_log.txt
TDSSKiller.2.8.16.0_14.06.2013_12.04.22_log.txt
TDSSKiller.2.8.16.0_14.06.2013_13.14.38_log.txt
TDSSKiller.2.8.18.0_06.08.2013_09.10.09_log.txt
TDSSKiller.2.8.18.0_06.08.2013_09.14.23_log.txt
TDSSKiller.2.8.18.0_06.08.2013_10.36.29_log.txt
TDSSKiller.2.8.18.0_06.08.2013_10.38.26_log.txt
---------- TDSSStarter logs ----------
---------- DIR LIST ----------
---------- INI FILES ----------
***** END SCAN Łt 06.08.2013 11:16:55,64 *****
Re: please check the log, PC freezes

Re: please check the log, PC freezes
Good morning,
SP3 is installed, I am updating IE6 to IE8 (even though IE is not used for the web on this PC); supposedly it would be advisable to update to the latest version of MS Installer (?).
Re: please check the log, PC freezes
After installing SP3, I downloaded all the updates it offered, incl. .NET; there is a new MS Installer 4.5, Media Player 11, ...
The system log still shows a problem with one application from Bruker Daltonik, but I will only dare to reinstall it once the PC's user is here, so we will meet again in about 14 days ...
Events / System
Služba BDal LibrarySearch Service přestala během spouštění reagovat.
Events / Application
Během požadavku na součást {BC045F39-2D84-11D5-9756-00E02927B08F} došlo při rozpoznávání produktu {BDA1DA40-0253-1000-8123-00E081205B98}, funkce DataAnalysis k chybě.
Při rozpoznávání produktu {BDA1DA40-0253-1000-8123-00E081205B98}, funkce DataAnalysis a součásti {90BFD80D-E2B4-8AE6-9204-35EDE11B91F2} došlo k chybě. Prostředek C:\Program Files\Bruker Daltonik\DataAnalysis\antlr.runtime.dll neexistuje.
Re: please check the log, PC freezes


- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin [814472 2013-06-12] (Adobe Systems Incorporated)
HKU\Zbyněk Zdráhal\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2004-08-17] (Microsoft Corporation)
SearchScopes: HKLM - DefaultScope value is missing.
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
- Save the created TXT as fixlist.txt
- Move the created fixlist next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: please check the log, PC freezes
Good day,
here is the fixlog. What exactly did this fix do? I see, for example, the Java update there - I had that enabled; is that wrong?
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-08-2013
Ran by ls at 2013-08-08 08:58:33 Run:1
Running from D:\INSTALL\Antiviry
Boot Mode: Normal
==============================================
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => Value not found.
HKU\Zbyněk Zdráhal\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCR\PROTOCOLS\Handler\Handler: ipp - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\msdaipp => Key deleted successfully.
==== End of Fixlog ====
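What the Fixlog above records, as an added example that is not part of the original thread or of FRST: a small Python parser that splits each "target => result" line and groups the entries by outcome. The function names and outcome labels are assumptions of this example; the log lines are copied unchanged from the post.

```python
# Fixlog body copied from the post above (FRST output, unchanged).
FIXLOG = r"""
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => Value not found.
HKU\Zbyněk Zdráhal\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCR\PROTOCOLS\Handler\Handler: ipp - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\msdaipp => Key deleted successfully.
==== End of Fixlog ====
"""

# Result phrases seen in this Fixlog, mapped to labels chosen for this example.
OUTCOMES = {
    "Value deleted successfully.": "value_deleted",
    "Value was restored successfully.": "value_restored",
    "Key deleted successfully.": "key_deleted",
    "Value not found.": "not_found",
    "Key not found.": "not_found",
}
AUTORUN_KEYS = ("\\CurrentVersion\\Run", "\\CurrentVersion\\RunOnce")

def parse_fixlog(text):
    """Return one dict per 'target => result' line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        target, sep, result = line.strip().rpartition(" => ")
        if not sep:
            continue  # header, separator or blank line
        # The log writes "key\\value"; a target without "\\" names a whole key.
        key, _, value = target.partition("\\\\")
        entries.append({"key": key, "value": value or None,
                        "outcome": OUTCOMES.get(result, "unrecognised")})
    return entries

def summarize(entries):
    """Group the changed item names (value name, else last key part) by outcome."""
    groups = {}
    for e in entries:
        name = e["value"] or e["key"].rsplit("\\", 1)[-1]
        groups.setdefault(e["outcome"], []).append(name)
    return groups

def removed_autoruns(entries):
    """Names of Run/RunOnce values that the fix actually deleted."""
    return [e["value"] for e in entries
            if e["outcome"] == "value_deleted" and e["key"].endswith(AUTORUN_KEYS)]
```

The lines in this log report registry operations only: a deleted Run value removes that autostart entry, and nothing in these lines reports a file being deleted.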
Re: please check the log, PC freezes



Re: please check the log, PC freezes
The PC runs fine; the problematic Daltonik application cannot be uninstalled because something is missing for it in Windows\Installer, so the uninstallation hangs and the process rolls back. Perhaps a solution would be to reinstall it and then remove it if needed.
The owner has already taken the PC from me because he needs to work on it, so I won't be trying anything more for now.
Thank you very much for your willingness and help; hopefully it will stay in working order for a while. I didn't even manage to back it up for a possible restore at the next failure.

