VIRY.CZ

Dobry den,

Uz tretim dnem, mi nefunguje ucet stranek facebooku.Hlasi, ze ucet je uzamcen a ze je napaden virem Malware.Po vycisteni pc antimalwarem, se stale nejde na ucet prihlasit, ani z zadneho jineho prohlizece, ci jineho pc.Co ale jde, je se prihlasit prez mobilni telefon.Mohu prosim zadat o radu?

Dekuji Lucy.

Zdravím!
Můžeme provést kontrolu PC. Postupujte podle tohoto návodu: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

Nejsem zadny IT clovek, ale zde preposilam, dekuji za radu a pomoc!

Lucy

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by Lucinka at 2013-11-03 19:33:09
Running from C:\Users\Lucinka\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Photoshop CS6 (Version: 13.0)
ASUS WebCam Driver (Version: 1.00.0000)
BitGuard
BrowseToSave (Version: 1.0)
BS Player Toolbar (Version: 6.9.0.16)
BS.Player FREE (Version: 2.63.1070)
Google Drive (Version: 1.12.5329.1887)
Google Chrome (Version: 30.0.1599.101)
Google Update Helper (Version: 1.3.21.165)
GotClip Downloader
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004)
Java Auto Updater (Version: 2.0.2.1)
Java(TM) 6 Update 18 (Version: 6.0.180)
Malwarebytes Anti-Malware verze 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Scan and Repair 1.5.121
McAfee Security Scan Plus (Version: 3.8.130.8)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 25.0 (x86 cs) (Version: 25.0)
Mozilla Maintenance Service (Version: 25.0)
PDF Settings CS6 (Version: 11.0)
PhotoScape
Picasa 3 (Version: 3.9)
Search Assistant MocaFlix 1.66
Skype™ 6.1 (Version: 6.1.129)
SUPERAntiSpyware (Version: 5.6.1014)
SweetIM for Messenger 3.7 (Version: 3.7.0007)
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Zoner Photo Studio 15 (Version: 15.0.1.4)

==================== Restore Points =========================

02-11-2013 09:14:35 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B4F01C7-4E1E-41EC-B5D9-CDF4009EC191} - System32\Tasks\AdobeAAMUpdater-1.0-Lucinka-PC-Lucinka => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-01-24] (Adobe Systems Incorporated)
Task: {1A8180A1-9E96-4019-BA31-41F16FA2CE0D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: {602EB5B6-0C7D-4E68-8D21-6C2218D45E9A} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {70064186-2DAE-42D2-8EF1-7E171CBB9213} - System32\Tasks\FGRun => C:\Users\Lucinka\AppData\Roaming\pack.exe
Task: {75634BB4-D931-4886-BE28-DE4C1799DE6F} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe [2012-12-14] (http://yourfiledownloader.com)
Task: {82B80CFA-DC83-454A-8ACB-0A82DF80856E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {BE841857-DB19-4E8F-A061-61BDCD87AC9A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe
Task: {C272D32E-4FFA-4302-ADEB-E395C4DDD6F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: {CDB3463A-62EB-4E5C-A628-AE790AA8D38D} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-28 10:48 - 2013-10-22 16:09 - 02735584 _____ () C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-04-26 06:07 - 2013-11-03 18:17 - 00013600 _____ () C:\Users\Lucinka\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
2013-03-20 17:08 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-06-12 00:28 - 2013-06-12 00:28 - 16033160 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Adaptér miniportu Microsoft Virtual WiFi
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2013 08:28:01 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0x610
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 07:28:02 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0x8d4
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 06:28:02 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0x8e0
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 05:56:50 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0xc7c
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 01:28:02 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0x190
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 00:28:02 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0xe8c
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 11:28:02 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0xd78
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 10:28:03 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0xa64
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3

Error: (10/31/2013 10:22:50 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 24.0.0.5001, časové razítko: 0x522fd29f
Název chybujícího modulu: xul.dll, verze: 24.0.0.5001, časové razítko: 0x522fd1a4
Kód výjimky: 0xc0000005
Posun chyby: 0x001b72a8
ID chybujícího procesu: 0xb18
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (10/31/2013 09:28:02 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerUpdateService.exe, verze: 11.6.602.180, časové razítko: 0x51a4ab8c
Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdadb
Kód výjimky: 0xc0000005
Posun chyby: 0x000335d3
ID chybujícího procesu: 0xbc8
Čas spuštění chybující aplikace: 0xFlashPlayerUpdateService.exe0
Cesta k chybující aplikaci: FlashPlayerUpdateService.exe1
Cesta k chybujícímu modulu: FlashPlayerUpdateService.exe2
ID zprávy: FlashPlayerUpdateService.exe3


System errors:
=============
Error: (11/02/2013 10:04:11 AM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/31/2013 02:04:01 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/30/2013 11:10:43 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/29/2013 08:41:58 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/28/2013 04:16:47 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/26/2013 00:24:41 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/25/2013 09:54:16 AM) (Source: EventLog) (User: )
Description: Předchozí vypnutí systému (10:52:55, ‎25.‎10.‎2013) bylo neočekávané.

Error: (10/25/2013 09:40:40 AM) (Source: DCOM) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (10/24/2013 08:03:18 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/22/2013 06:22:40 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


Microsoft Office Sessions:
=========================
Error: (10/31/2013 08:28:01 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d361001ced66f4f81b498C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll8e13cd2e-4262-11e3-a7c8-485b3906d89b

Error: (10/31/2013 07:28:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d38d401ced666eda57cf0C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll2c9bb34c-425a-11e3-a7c8-485b3906d89b

Error: (10/31/2013 06:28:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d38e001ced65e8be278a1C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dllcad57aa1-4251-11e3-a7c8-485b3906d89b

Error: (10/31/2013 05:56:50 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d3c7c01ced65a2f71ccecC:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll6f0bbfbe-424d-11e3-a7c8-485b3906d89b

Error: (10/31/2013 01:28:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d319001ced634a30e9511C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dlle204cb6e-4227-11e3-a7c8-485b3906d89b

Error: (10/31/2013 00:28:02 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d3e8c01ced62c4145eaf3C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll803bfa3f-421f-11e3-a7c8-485b3906d89b

Error: (10/31/2013 11:28:02 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d3d7801ced623df809c25C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll1e77e3f6-4217-11e3-a7c8-485b3906d89b

Error: (10/31/2013 10:28:03 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d3a6401ced61b7d9db2c9C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dllbd18f998-420e-11e3-a7c8-485b3906d89b

Error: (10/31/2013 10:22:50 AM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29fxul.dll24.0.0.5001522fd1a4c0000005001b72a8b1801ced60a26ee9ebaC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll028829d3-420e-11e3-a40b-485b3906d89b

Error: (10/31/2013 09:28:02 AM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7600.163854a5bdadbc0000005000335d3bc801ced6131bfce3e3C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SYSTEM32\ntdll.dll5abd1169-4206-11e3-a40b-485b3906d89b


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 3037.09 MB
Available physical RAM: 1775.45 MB
Total Pagefile: 6072.45 MB
Available Pagefile: 4514.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:89.07 GB) (Free:3.96 GB) NTFS
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:208.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 76692CA8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=89 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=209 GB) - (Type=OF Extended)

==================== End Of Log ============================

Potřeboval bych ještě log ze základního skenu FRST. Logy jsou 2.

Zde zasilam druhy.Dekuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Lucinka (administrator) on LUCINKA-PC on 03-11-2013 20:17:11
Running from C:\Users\Lucinka\Downloads
Microsoft Windows 7 Ultimate (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
() C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Windows\system32\schtasks.exe
() C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft) C:\Program Files\Yontoo\Y2Desktop.Updater.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Yontoo LLC) C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [477600 2013-01-24] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM\...\Run: [etMonitor] - C:\Windows\etMon.exe
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Zoner Photo Studio Autoupdate] - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe [773728 2012-12-04] (ZONER software)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [Yontoo Desktop] - C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-13] (Yontoo LLC)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [4763008 2012-11-01] (SUPERAntiSpyware.com)
MountPoints2: {fefc6e74-5053-11e2-bc55-485b3906d89b} - F:\PMCsetup.exe
AppInit_DLLs: c:\progra~2\bitguard\271769~1.27\{c16c1~1\bitguard.dll [ 2013-10-22] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
URLSearchHook: HKLM - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 5B3906D89B}
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 5B3906D89B
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 5B3906D89B}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKLM - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKCU - BS Player ControlBar Toolbar - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default
FF user.js: detected! => C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Users\Lucinka\Desktop\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\searchplugins\Sweetpacks Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: plugin - C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default\Extensions\plugin@yontoo.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Chrome:
=======
CHR DefaultSearchURL: (Babylon) - http://search.babylon.com/?q={searchTer ... 5B3906D89B
CHR DefaultSuggestURL: (Babylon) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcdaccfllabancomhekjpdnkjdoohala\3.8_1
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihphomdjaoeldcjpbnppnppachhceni\3.8_1
CHR Extension: (SweetIM for Facebook) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdjdapancnhefnejlakigbholbnagnci\3.8_1
CHR Extension: (Torch Share) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.2504_1
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\labccibafabgoooppbgnafbmgngkblbi\3.8_1
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhmpciemliaeabocdebdjiflfmjmiijm\3.8_1
CHR Extension: (Yontoo) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkndglcpjkihgjeahmkendncbijodnc\3.8_1
CHR Extension: (Google Wallet) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjinjlnkfcbomkjfohakpkeddebipag\3.8_1
CHR Extension: (Browse2save) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\oanafibnappbgigghnpgebpgidjibkbp\3.8_1
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.4_0
CHR HKLM\...\Chrome\Extension: [dcdaccfllabancomhekjpdnkjdoohala] - C:\ProgramData\Browse2save\dcdaccfllabancomhekjpdnkjdoohala.crx
CHR HKLM\...\Chrome\Extension: [fihphomdjaoeldcjpbnppnppachhceni] - C:\ProgramData\Browse2save\fihphomdjaoeldcjpbnppnppachhceni.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM\...\Chrome\Extension: [kdjdapancnhefnejlakigbholbnagnci] - C:\ProgramData\Browse2save\kdjdapancnhefnejlakigbholbnagnci.crx
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Lucinka\AppData\Local\Torch\Plugins\TorchPlugin.crx
CHR HKLM\...\Chrome\Extension: [labccibafabgoooppbgnafbmgngkblbi] - C:\ProgramData\Browse2save\labccibafabgoooppbgnafbmgngkblbi.crx
CHR HKLM\...\Chrome\Extension: [mhmpciemliaeabocdebdjiflfmjmiijm] - C:\ProgramData\Browse2save\mhmpciemliaeabocdebdjiflfmjmiijm.crx
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx
CHR HKLM\...\Chrome\Extension: [nmkndglcpjkihgjeahmkendncbijodnc] - C:\ProgramData\Browse2save\nmkndglcpjkihgjeahmkendncbijodnc.crx
CHR HKLM\...\Chrome\Extension: [nnjinjlnkfcbomkjfohakpkeddebipag] - C:\ProgramData\Browse2save\nnjinjlnkfcbomkjfohakpkeddebipag.crx
CHR HKLM\...\Chrome\Extension: [oanafibnappbgigghnpgebpgidjibkbp] - C:\ProgramData\Browse2save\oanafibnappbgigghnpgebpgidjibkbp.crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2864096 2013-10-22] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAfee ScanAndRepair Svc; C:\Program Files\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe [695640 2012-01-12] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 Yontoo Desktop Updater; C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-13] (Yontoo LLC)

==================== Drivers (Whitelisted) ====================

R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-13] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-03 19:33 - 2013-11-03 19:33 - 00017687 _____ C:\Users\Lucinka\Downloads\Addition.txt
2013-11-03 19:31 - 2013-11-03 19:31 - 00000000 ____D C:\FRST
2013-11-03 19:30 - 2013-11-03 19:31 - 00029696 _____ C:\Users\Lucinka\AppData\Local\MSGBOX.EXE
2013-11-03 19:29 - 2013-11-03 19:29 - 00112128 _____ (forum.viry.cz) C:\Users\Lucinka\Downloads\FRSTLauncher.exe
2013-11-03 19:28 - 2013-11-03 19:29 - 01089445 _____ (Farbar) C:\Users\Lucinka\Downloads\FRST.exe
2013-10-31 19:54 - 2013-10-31 19:54 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-31 19:54 - 2013-10-31 19:54 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-31 19:54 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-31 19:52 - 2013-10-31 19:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lucinka\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-31 19:39 - 2013-10-31 19:39 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-31 19:38 - 2013-10-31 19:38 - 00283000 _____ (Mozilla) C:\Users\Lucinka\Downloads\Firefox Setup Stub 25.0.exe
2013-10-31 19:37 - 2013-10-31 19:37 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(3).exe
2013-10-31 19:16 - 2013-10-31 19:16 - 00000000 ____D C:\Program Files\McAfeeScanAndRepair
2013-10-31 19:03 - 2013-10-31 19:05 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(2).exe
2013-10-31 18:59 - 2013-10-31 19:00 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(1).exe
2013-10-31 18:58 - 2013-10-31 18:58 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release.exe
2013-10-28 10:48 - 2013-10-28 10:48 - 00000000 ____D C:\Users\Lucinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-23 07:47 - 2013-11-03 20:12 - 00000000 ____D C:\Windows\system32\jmdp
2013-10-16 16:10 - 2013-10-16 16:10 - 370133492 _____ C:\Users\Lucinka\Desktop\Interview-s-upirem-cz-.mp4
2013-10-15 09:04 - 2013-10-15 09:04 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-15 09:04 - 2013-10-15 09:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-11 07:44 - 2013-10-11 07:44 - 00000000 ____D C:\Windows\system32\BitGuard
2013-10-09 19:21 - 2013-10-09 19:21 - 00000000 ____D C:\Users\Lucinka\AppData\Local\avgchrome
2013-10-08 17:46 - 2013-10-08 17:47 - 00146144 _____ C:\Windows\Minidump\100813-12636-01.dmp
2013-10-07 14:11 - 2013-10-07 14:11 - 00002697 _____ C:\Users\Lucinka\Desktop\Deaf+Havana+-+Nicotine+and+Alcohol+Saved+My+Life – zástupce.lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002616 _____ C:\Users\Lucinka\Desktop\02 02 - Killing In The Name – zástupce (2).lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002607 _____ C:\Users\Lucinka\Desktop\05 05 - Bullet In The Head – zástupce.lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002484 _____ C:\Users\Lucinka\Desktop\07 07 - Wake Up – zástupce.lnk
2013-10-07 14:10 - 2013-10-07 14:10 - 00002616 _____ C:\Users\Lucinka\Desktop\03 03 - Take The Power Back – zástupce.lnk
2013-10-07 14:10 - 2013-10-07 14:10 - 00002616 _____ C:\Users\Lucinka\Desktop\02 02 - Killing In The Name – zástupce.lnk

==================== One Month Modified Files and Folders =======

2013-11-03 20:13 - 2013-03-23 17:35 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-03 20:13 - 2013-03-17 20:04 - 00000000 ____D C:\Users\Lucinka\AppData\Roaming\Yontoo
2013-11-03 20:13 - 2012-10-28 19:17 - 00145802 _____ C:\Windows\PFRO.log
2013-11-03 20:13 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-03 20:13 - 2009-07-14 05:39 - 00071281 _____ C:\Windows\setupact.log
2013-11-03 20:12 - 2013-10-23 07:47 - 00000000 ____D C:\Windows\system32\jmdp
2013-11-03 20:12 - 2012-10-28 19:52 - 02047035 _____ C:\Windows\WindowsUpdate.log
2013-11-03 20:03 - 2013-03-23 17:35 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-03 19:33 - 2013-11-03 19:33 - 00017687 _____ C:\Users\Lucinka\Downloads\Addition.txt
2013-11-03 19:31 - 2013-11-03 19:31 - 00000000 ____D C:\FRST
2013-11-03 19:31 - 2013-11-03 19:30 - 00029696 _____ C:\Users\Lucinka\AppData\Local\MSGBOX.EXE
2013-11-03 19:29 - 2013-11-03 19:29 - 00112128 _____ (forum.viry.cz) C:\Users\Lucinka\Downloads\FRSTLauncher.exe
2013-11-03 19:29 - 2013-11-03 19:28 - 01089445 _____ (Farbar) C:\Users\Lucinka\Downloads\FRST.exe
2013-11-03 19:28 - 2013-03-21 17:15 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-03 19:07 - 2012-11-23 20:40 - 00000000 ____D C:\Users\Lucinka\AppData\Roaming\Skype
2013-11-03 18:24 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:24 - 2009-07-14 05:34 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-03 18:21 - 2012-10-28 20:03 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 09:29 - 2012-12-07 01:43 - 00000000 ____D C:\Users\Lucinka\AppData\Local\Adobe
2013-10-31 22:02 - 2013-03-31 20:57 - 00000000 ____D C:\Program Files\Search Results Toolbar
2013-10-31 22:01 - 2013-06-02 12:15 - 00000000 ____D C:\Windows\system32\WNLT
2013-10-31 22:01 - 2012-12-15 19:17 - 00000000 ____D C:\Program Files\SweetIM
2013-10-31 20:38 - 2013-03-20 17:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-31 20:38 - 2013-03-20 17:08 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-31 20:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2013-10-31 19:54 - 2013-10-31 19:54 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-31 19:54 - 2013-10-31 19:54 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-31 19:53 - 2013-10-31 19:52 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lucinka\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-31 19:39 - 2013-10-31 19:39 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-31 19:38 - 2013-10-31 19:38 - 00283000 _____ (Mozilla) C:\Users\Lucinka\Downloads\Firefox Setup Stub 25.0.exe
2013-10-31 19:37 - 2013-10-31 19:37 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(3).exe
2013-10-31 19:16 - 2013-10-31 19:16 - 00000000 ____D C:\Program Files\McAfeeScanAndRepair
2013-10-31 19:05 - 2013-10-31 19:03 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(2).exe
2013-10-31 19:00 - 2013-10-31 18:59 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release(1).exe
2013-10-31 18:58 - 2013-10-31 18:58 - 03270504 _____ (McAfee, Inc.) C:\Users\Lucinka\Downloads\McAfeeScanAndRepair1_Release.exe
2013-10-29 16:17 - 2013-03-21 17:15 - 00002012 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-29 16:17 - 2013-03-21 17:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-28 14:26 - 2013-09-14 05:34 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-28 10:48 - 2013-10-28 10:48 - 00000000 ____D C:\Users\Lucinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-27 20:48 - 2013-01-12 00:34 - 00000000 ____D C:\Users\Lucinka\AppData\Local\CrashDumps
2013-10-21 08:16 - 2013-06-02 12:15 - 00000000 ____D C:\Windows\system32\ARFC
2013-10-18 17:08 - 2013-03-23 17:35 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-16 16:10 - 2013-10-16 16:10 - 370133492 _____ C:\Users\Lucinka\Desktop\Interview-s-upirem-cz-.mp4
2013-10-16 15:39 - 2013-01-14 21:28 - 00000000 ____D C:\Users\Lucinka\Documents\pics 2013
2013-10-15 09:58 - 2013-06-02 12:15 - 00027136 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2013-10-15 09:04 - 2013-10-15 09:04 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-10-15 09:04 - 2013-10-15 09:04 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-10-13 18:17 - 2012-11-15 08:38 - 00000000 ____D C:\Users\Lucinka\Desktop\BSPlayer
2013-10-11 07:44 - 2013-10-11 07:44 - 00000000 ____D C:\Windows\system32\BitGuard
2013-10-09 19:21 - 2013-10-09 19:21 - 00000000 ____D C:\Users\Lucinka\AppData\Local\avgchrome
2013-10-08 17:47 - 2013-10-08 17:46 - 00146144 _____ C:\Windows\Minidump\100813-12636-01.dmp
2013-10-08 17:46 - 2012-11-13 18:27 - 00000000 ____D C:\Windows\Minidump
2013-10-07 17:34 - 2013-07-23 09:31 - 00000000 ____D C:\Users\Lucinka\Documents\30 Seconds To Mars
2013-10-07 14:19 - 2013-07-23 09:39 - 00000000 ____D C:\Users\Lucinka\Desktop\sunshine mgmt
2013-10-07 14:11 - 2013-10-07 14:11 - 00002697 _____ C:\Users\Lucinka\Desktop\Deaf+Havana+-+Nicotine+and+Alcohol+Saved+My+Life – zástupce.lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002616 _____ C:\Users\Lucinka\Desktop\02 02 - Killing In The Name – zástupce (2).lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002607 _____ C:\Users\Lucinka\Desktop\05 05 - Bullet In The Head – zástupce.lnk
2013-10-07 14:11 - 2013-10-07 14:11 - 00002484 _____ C:\Users\Lucinka\Desktop\07 07 - Wake Up – zástupce.lnk
2013-10-07 14:10 - 2013-10-07 14:10 - 00002616 _____ C:\Users\Lucinka\Desktop\03 03 - Take The Power Back – zástupce.lnk
2013-10-07 14:10 - 2013-10-07 14:10 - 00002616 _____ C:\Users\Lucinka\Desktop\02 02 - Killing In The Name – zástupce.lnk

Some content of TEMP:
====================
C:\Users\Lucinka\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Lucinka\AppData\Local\Temp\CT1750559_ie.exe
C:\Users\Lucinka\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Lucinka\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Lucinka\AppData\Local\Temp\htmlayout.dll
C:\Users\Lucinka\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Lucinka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lucinka\AppData\Local\Temp\TB_2D0C.exe
C:\Users\Lucinka\AppData\Local\Temp\toolbar15436314.exe
C:\Users\Lucinka\AppData\Local\Temp\uninstall13017269.exe
C:\Users\Lucinka\AppData\Local\Temp\uninstall13017300.exe
C:\Users\Lucinka\AppData\Local\Temp\uninstall155798.exe
C:\Users\Lucinka\AppData\Local\Temp\uninstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 14:01

==================== End Of Log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
(Microsoft) C:\Program Files\Yontoo\Y2Desktop.Updater.exe
(Yontoo LLC) C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKCU\...\Run: [Yontoo Desktop] - C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-13] (Yontoo LLC)
MountPoints2: {fefc6e74-5053-11e2-bc55-485b3906d89b} - F:\PMCsetup.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.just-browse.info/
URLSearchHook: HKLM - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... 0264433&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 5B3906D89B}
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 5B3906D89B
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ie ... 0264433&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 5B3906D89B}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKLM - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKCU - BS Player ControlBar Toolbar - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
FF ProfilePath: C:\Users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\vqn8kqov.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
CHR DefaultSearchURL: (Babylon) - http://search.babylon.com/?q={searchTer ... 5B3906D89B
CHR DefaultSuggestURL: (Babylon) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (SweetIM for Facebook) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0
CHR Extension: (Torch Share) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.2504_1
CHR Extension: (Yontoo) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1
HR HKLM\...\Chrome\Extension: [dcdaccfllabancomhekjpdnkjdoohala] - C:\ProgramData\Browse2save\dcdaccfllabancomhekjpdnkjdoohala.crx
CHR HKLM\...\Chrome\Extension: [fihphomdjaoeldcjpbnppnppachhceni] - C:\ProgramData\Browse2save\fihphomdjaoeldcjpbnppnppachhceni.crx
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
CHR HKLM\...\Chrome\Extension: [kdjdapancnhefnejlakigbholbnagnci] - C:\ProgramData\Browse2save\kdjdapancnhefnejlakigbholbnagnci.crx
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Lucinka\AppData\Local\Torch\Plugins\TorchPlugin.crx
CHR HKLM\...\Chrome\Extension: [labccibafabgoooppbgnafbmgngkblbi] - C:\ProgramData\Browse2save\labccibafabgoooppbgnafbmgngkblbi.crx
CHR HKLM\...\Chrome\Extension: [mhmpciemliaeabocdebdjiflfmjmiijm] - C:\ProgramData\Browse2save\mhmpciemliaeabocdebdjiflfmjmiijm.crx
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx
CHR HKLM\...\Chrome\Extension: [nmkndglcpjkihgjeahmkendncbijodnc] - C:\ProgramData\Browse2save\nmkndglcpjkihgjeahmkendncbijodnc.crx
CHR HKLM\...\Chrome\Extension: [nnjinjlnkfcbomkjfohakpkeddebipag] - C:\ProgramData\Browse2save\nnjinjlnkfcbomkjfohakpkeddebipag.crx
CHR HKLM\...\Chrome\Extension: [oanafibnappbgigghnpgebpgidjibkbp] - C:\ProgramData\Browse2save\oanafibnappbgigghnpgebpgidjibkbp.crx
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx
S3 McAfee ScanAndRepair Svc; C:\Program Files\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe [695640 2012-01-12] (McAfee, Inc.)
R2 Yontoo Desktop Updater; C:\Users\Lucinka\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-13] (Yontoo LLC)
C:\Users\Lucinka\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Omlouvam se, ale co a jak mam ulozit na plochu? Dekuji za ochotu.

Text v bílém poli zkopírujete do poznámkového bloku, dáte "uložit jako". Otevře se dialogové okno, v němž si vyhledáte plochu a do řádku "Název souboru" napíšete >fixlist< a dáte uložit.

V poradku, uz to mam, ale kdyz znovu spustim FRST a kliknu na FIX, vyskoci mi okenkou FIXLIST is not found.

Co jste napsala do řádky "název souboru"? Fixlist, nebo fixlist.txt? Pokud to druhé, je to chyba, zdvojí se přípona a fix se nespustí. Do té řádky přijde pouze fixlist. Nic jiného.

Ne, pouze fixlist.Vic nic, potom zpet najedu na FRST, chci kliknout na FIX a opet se mi objevi tabulka.

Přehlédl jsem jednu věc. Musíte přesunout FRST na plochu. Pak to půjde. FRST a fixlist musí být v jednom adresáři.

Po ulozeni na plochu, otevru FRST, dam FIX a pise mi to : Looks you dont know what to do.To prevent damange to the system the tool will.

? Dekuji.

Máte tam ten fixlist? Myslím na ploše. Dosud nikdo s ním neměl takový problém.

Ano, mam....An netusite, co bymohlo byt za zavadu?