VIRY.CZ

Dobrý den prosím o pomoct s WinRarem některé soubory s příponou .exe se mi otevírají ve winraru a ani oprava registru nepomohla proto se ptám vás jestli s tím neměl někdo problém ze zkušenosti dělá mi to dost velké starosti.

Dobrý večer

,

RSIT Vám spustit jde?

Logfile of random's system information tool 1.09 (written by random/random)
Run by 777 at 2012-05-27 19:53:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (6%) free of 87 GB
Total RAM: 3326 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:53:47, on 27.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Tunngle\Tunngle.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Sid Meier's Civilization V\CivilizationV.exe
C:\Users\777\Downloads\RSIT.exe
C:\Program Files\trend micro\777.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: IMVU.lnk = 777\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

--
End of file - 7638 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\777\AppData\Roaming\Mozilla\Firefox\Profiles\s638nqgd.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Bf5 ... &sap=ku&q="

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"avg@toolbar"=C:\ProgramData\AVG Secure Search\10.2.0.3\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\777\AppData\Roaming\Mozilla\Firefox\Profiles\s638nqgd.default\extensions\
jid1-qQSMEVsYTOjgYA@jetpack
{687578b9-7132-4a7a-80e4-30ee31099e03}
{90b49673-5506-483e-b92b-ca0265bd9ca8}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\777\AppData\Roaming\Mozilla\Firefox\Profiles\s638nqgd.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-03-12 1869152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-03-12 1869152]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-03-12 982880]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-05-18 880496]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe []
"Steam"=C:\Program Files\Steam\steam.exe [2012-05-18 1242448]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Users\777\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\777\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-27 19:53:29 ----D---- C:\rsit
2012-05-27 19:53:29 ----D---- C:\Program Files\trend micro
2012-05-27 13:25:06 ----A---- C:\Windows\system32\CmdLineExt.dll
2012-05-27 13:20:23 ----A---- C:\Windows\system32\pbsvc.exe
2012-05-27 13:14:39 ----D---- C:\Program Files\Ubisoft
2012-05-27 10:01:47 ----D---- C:\Program Files\WinRAR
2012-05-26 19:16:08 ----D---- C:\ProgramData\Trymedia
2012-05-26 00:32:03 ----D---- C:\Program Files\Police Simulator
2012-05-25 23:15:21 ----D---- C:\Program Files\Police Force CZ
2012-05-24 21:34:25 ----D---- C:\Windows\system32\AGEIA
2012-05-24 21:34:25 ----D---- C:\Program Files\AGEIA Technologies
2012-05-24 21:29:32 ----D---- C:\Program Files\HD Publishing
2012-05-24 21:08:59 ----D---- C:\Program Files\ESET
2012-05-24 20:47:12 ----D---- C:\Program Files\CCleaner
2012-05-21 19:18:47 ----D---- C:\Program Files\Common Files\Java
2012-05-21 19:18:18 ----D---- C:\Program Files\Oracle
2012-05-21 19:17:52 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-05-21 19:17:52 ----A---- C:\Windows\system32\javaws.exe
2012-05-21 19:17:28 ----A---- C:\Windows\system32\javaw.exe
2012-05-21 19:17:28 ----A---- C:\Windows\system32\java.exe
2012-05-20 20:25:44 ----HD---- C:\ProgramData\CanonBJ
2012-05-20 17:32:55 ----D---- C:\ProgramData\PopCap Games
2012-05-18 22:36:18 ----D---- C:\Program Files\Steam
2012-05-18 22:01:51 ----A---- C:\Windows\system32\Access.dat
2012-05-18 21:59:24 ----D---- C:\Users\777\AppData\Roaming\Tunngle
2012-05-18 21:59:24 ----D---- C:\ProgramData\Tunngle
2012-05-18 21:59:16 ----D---- C:\Program Files\Tunngle
2012-05-18 21:59:16 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2012-05-18 20:26:39 ----D---- C:\Program Files\Rebellion
2012-05-18 14:10:05 ----D---- C:\Program Files\Conduit
2012-05-18 14:10:04 ----D---- C:\Program Files\uTorrentControl2
2012-05-15 16:47:30 ----D---- C:\ProgramData\Nexon
2012-05-15 16:24:56 ----D---- C:\ProgramData\NexonEU
2012-05-15 15:52:36 ----A---- C:\LoaderLog.txt
2012-05-15 15:44:59 ----D---- C:\Nexon
2012-05-15 15:44:53 ----A---- C:\Windows\system32\nxEuUninstall.bat
2012-05-15 15:44:53 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2012-05-10 22:04:56 ----D---- C:\ProgramData\McAfee Security Scan
2012-05-10 22:04:52 ----D---- C:\ProgramData\McAfee
2012-05-10 22:04:51 ----D---- C:\Program Files\McAfee Security Scan
2012-05-10 22:00:37 ----D---- C:\ProgramData\ATI
2012-05-10 22:00:35 ----D---- C:\Program Files\AMD AVT
2012-05-10 22:00:26 ----D---- C:\Program Files\AMD APP
2012-05-10 21:55:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-10 21:55:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-05-10 21:55:35 ----A---- C:\Windows\system32\win32k.sys
2012-05-10 21:55:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-10 21:55:31 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-10 21:55:30 ----A---- C:\Windows\system32\DWrite.dll
2012-05-06 15:17:18 ----D---- C:\Users\777\AppData\Roaming\.techniclauncher
2012-05-05 17:06:13 ----D---- C:\Program Files\Common Files\Steam
2012-05-04 14:21:27 ----D---- C:\Program Files\Sid Meier's Civilization V
2012-04-30 10:07:36 ----SD---- C:\Program Files\HLSW
2012-04-30 10:07:36 ----D---- C:\Users\777\AppData\Roaming\HLSW

======List of files/folders modified in the last 1 month======

2012-05-27 19:53:34 ----D---- C:\Windows\Temp
2012-05-27 19:53:29 ----RD---- C:\Program Files
2012-05-27 19:53:02 ----D---- C:\Users\777\AppData\Roaming\uTorrent
2012-05-27 19:38:35 ----D---- C:\Users\777\AppData\Roaming\Skype
2012-05-27 18:14:23 ----D---- C:\Windows\system32\Tasks
2012-05-27 15:13:52 ----D---- C:\Windows\system32\drivers\AVG
2012-05-27 13:46:56 ----SHD---- C:\System Volume Information
2012-05-27 13:33:53 ----D---- C:\Windows\system32\config
2012-05-27 13:33:45 ----D---- C:\Windows\winsxs
2012-05-27 13:25:18 ----HD---- C:\ProgramData
2012-05-27 13:25:06 ----D---- C:\Windows\System32
2012-05-27 13:24:37 ----RSD---- C:\Windows\assembly
2012-05-27 13:23:42 ----SHD---- C:\Windows\Installer
2012-05-27 13:23:42 ----D---- C:\Windows\Logs
2012-05-27 13:20:35 ----A---- C:\Windows\system32\PnkBstrB.exe
2012-05-27 13:14:39 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-27 11:14:35 ----D---- C:\ProgramData\MFAData
2012-05-26 09:56:14 ----D---- C:\Windows
2012-05-26 00:53:55 ----D---- C:\Windows\system32\catroot
2012-05-25 23:14:57 ----D---- C:\Users\777\AppData\Roaming\DAEMON Tools Lite
2012-05-25 21:35:42 ----D---- C:\Windows\inf
2012-05-25 20:48:32 ----D---- C:\Users\777\AppData\Roaming\TS3Client
2012-05-25 14:02:51 ----D---- C:\Windows\Panther
2012-05-25 14:02:48 ----D---- C:\Windows\Minidump
2012-05-25 14:02:48 ----D---- C:\Windows\debug
2012-05-23 18:32:42 ----D---- C:\Windows\system32\catroot2
2012-05-22 15:30:45 ----D---- C:\Users\777\AppData\Roaming\.minecraft
2012-05-21 19:18:47 ----D---- C:\Program Files\Common Files
2012-05-21 19:16:56 ----D---- C:\Program Files\Java
2012-05-20 20:22:40 ----D---- C:\Users\777\AppData\Roaming\Adobe
2012-05-19 18:31:22 ----D---- C:\Fraps
2012-05-18 22:03:03 ----D---- C:\Windows\Prefetch
2012-05-18 22:00:23 ----D---- C:\Windows\system32\drivers
2012-05-18 22:00:05 ----D---- C:\Windows\system32\DriverStore
2012-05-18 21:59:17 ----RSD---- C:\Windows\Fonts
2012-05-18 15:53:06 ----D---- C:\Windows\system32\NDF
2012-05-18 14:09:53 ----D---- C:\Program Files\uTorrent
2012-05-15 15:52:42 ----D---- C:\Program Files\Mozilla Firefox
2012-05-12 20:43:22 ----D---- C:\Windows\Microsoft.NET
2012-05-11 20:55:30 ----D---- C:\Program Files\DirectVobSub
2012-05-11 13:43:47 ----D---- C:\ProgramData\AVG2012
2012-05-11 13:40:46 ----D---- C:\Program Files\Windows Journal
2012-05-10 22:12:02 ----A---- C:\Windows\system32\MRT.exe
2012-05-10 22:10:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-10 22:04:58 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-05-10 22:00:03 ----D---- C:\Program Files\ATI Technologies
2012-05-10 18:37:31 ----SD---- C:\Users\777\AppData\Roaming\Microsoft
2012-05-07 08:55:57 ----D---- C:\Windows\system32\wdi
2012-04-30 13:42:41 ----A---- C:\Windows\system32\PnkBstrA.exe
2012-04-29 09:06:50 ----D---- C:\Windows\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-18 242240]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 9334784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 275968]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-02-23 86544]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R4 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2012-05-27 22328]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 9334784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 XDva394;XDva394; \??\C:\Windows\system32\XDva394.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 217600]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-04-30 75136]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-12 918880]
R3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-04-19 736104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2012-05-27 107832]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 257696]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-05-19 529232]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Pro začátek zkuste aplikovat ExeHelper, program vyhodí log, ten sem vložte.

Antivirus AVG to blokuje nejde to stáhnout.

mates6789 píše:Antivirus AVG to blokuje nejde to stáhnout.

Antivirus dočasně vypněte.

zkoušel jsem a furt to nejde a hlavně to ukazuje že v tom je trojan

Zkuste to v nouzovém režimu. Trojan v tom opravdu není, jen program hrabe do stejných míst jako malware, a proto ho může heuristika označit jako závadný.

Tak tady to je šéfe.

exeHelper by Raktor
Build 20100414
Run at 20:43:31 on 05/27/12
Now searching...
Checking for numerical processes...
exeHelper by Raktor
Build 20100414
Run at 12:58:47 on 06/02/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Stále to ale nefunguje některé soubory.exe se otvírají ve WINRARU

mates6789 píše:Stále to ale nefunguje některé soubory.exe se otvírají ve WINRARU

cim si spustil RSIT

RSIT sem spustil uplně normálně bez jakých koliv problémů problém je ale pouze u některých programů.

Pomuže mi prosím někdo nějaký způsob co jsme ještě nezkoušeli ????

pre upresnenie, ake su to exe subory, ktore sa ti otvaraju vo winrar.
Nie su to (SFX) archivy, ktore si vytvoril winnrarom ?

Odinstaluj winrar, otestuj spravanie, napis sem vysledok.
Nainstaluj opat winrar (s default hodnotami) , otestuj a napis vysledok.

VIRY.CZ

Problém s exe

Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe

Re: Problém s exe