
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Piesearch, please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Karel florian
- Visitor

- Posts: 6
- Registered: 17 Jun 2007 06:40
Piesearch, please check my log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel Florian at 2015-12-29 09:12:44
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 16 GB (22%) free of 71 GB
Total RAM: 3000 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:13:38, on 29.12.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Norman\Npm\Bin\zlhh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Karel Florian\Desktop\RSIT.exe
C:\Program Files\trend micro\Karel Florian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Služba Google Update (gupdate1c9e7557eac6c25) (gupdate1c9e7557eac6c25) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MustangService DispalyName (MustangService_2015_10_10) - MustangService - C:\ProgramData\TempMoudleSet\MustangSer2739.exe
O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nfservice.exe
O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe
O23 - Service: Norman Resource Provider (NICCA) (nvoy) - Norman AS - C:\Program Files\Norman\Npm\Bin\nvoy.exe
O23 - Service: Norman WSC Monitor Service 2 (NWSCMON2) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
--
End of file - 6886 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-15 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-28 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-15 142896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-18 7021880]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-07 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-15 526896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KORG USB-MIDI Driver]
C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2012-10-05 393656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 809480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]
C:\Users\Karel Florian\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-01-23 12021464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM]
C:\Windows\snuvcdsm.exe [2011-01-13 30080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-24 2449648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UGMPan.exe]
UGMPan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2013-12-13 85600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UGM96 Control Panel.lnk]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"Midi1"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=wdmaud.drv
"midi6"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
======List of files/folders created in the last 1 month======
2015-12-29 09:12:44 ----D---- C:\rsit
2015-12-29 09:12:44 ----D---- C:\Program Files\trend micro
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\tdi_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\nnetsec.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl64.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl.sys
2015-12-29 08:30:03 ----A---- C:\Windows\system32\nscrnsav.scr
2015-12-29 08:30:02 ----A---- C:\Windows\system32\drivers\Trufos.sys
2015-12-29 08:28:09 ----D---- C:\Program Files\Norman
2015-12-29 07:28:04 ----A---- C:\autoexec.bat
2015-12-29 07:26:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-28 09:39:13 ----SHD---- C:\$RECYCLE.BIN
2015-12-28 09:34:55 ----A---- C:\Windows\zoek-delete.exe
2015-12-28 09:34:52 ----D---- C:\Windows\Temp
2015-12-28 08:29:02 ----D---- C:\zoek_backup
2015-12-27 16:39:46 ----D---- C:\ProgramData\TempMoudleSet
2015-12-25 09:39:49 ----D---- C:\Program Files\Guitar Pro 6
2015-12-23 18:18:19 ----D---- C:\Users\Karel Florian\AppData\Roaming\Acoustica
2015-12-23 18:18:04 ----D---- C:\Program Files\Acoustica CD Label Maker
2015-12-19 06:11:50 ----A---- C:\Windows\system32\sdnclean.exe
2015-12-18 18:39:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-18 18:38:40 ----A---- C:\Windows\avastSS.scr
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d2d1.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\win32k.sys
2015-12-10 15:37:05 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10.dll
2015-12-10 15:34:50 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:11 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:32:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-10 14:57:10 ----A---- C:\Windows\system32\vbscript.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\urlmon.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\mshta.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\jscript.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-10 14:57:09 ----A---- C:\Windows\system32\iertutil.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\url.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\jscript9.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\wininet.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\ieframe.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\ieui.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-10 14:57:03 ----A---- C:\Windows\system32\mshtml.dll
2015-12-06 08:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2015-12-06 08:42:24 ----D---- C:\Users\Karel Florian\AppData\Roaming\Winamp
======List of files/folders modified in the last 1 month======
2015-12-29 09:12:44 ----D---- C:\Program Files
2015-12-29 09:11:44 ----D---- C:\Downloads
2015-12-29 09:01:47 ----SD---- C:\ProgramData\Microsoft
2015-12-29 08:49:23 ----D---- C:\Windows\inf
2015-12-29 08:49:10 ----D---- C:\Windows
2015-12-29 08:31:35 ----D---- C:\Windows\system32\drivers
2015-12-29 08:31:26 ----SHD---- C:\Windows\Installer
2015-12-29 08:31:09 ----D---- C:\Windows\System32
2015-12-29 08:26:13 ----SHD---- C:\System Volume Information
2015-12-29 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 07:27:34 ----D---- C:\Windows\Prefetch
2015-12-29 07:27:28 ----D---- C:\Windows\system32\Tasks
2015-12-28 11:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-28 09:38:41 ----HD---- C:\ProgramData
2015-12-28 09:19:59 ----HD---- C:\Windows\system32\GroupPolicy
2015-12-28 09:19:59 ----D---- C:\Windows\Tasks
2015-12-28 08:34:38 ----D---- C:\Program Files\Common Files
2015-12-27 18:35:14 ----D---- C:\Windows\system32\catroot2
2015-12-25 21:43:14 ----D---- C:\Users\Karel Florian\AppData\Roaming\vlc
2015-12-25 20:12:57 ----D---- C:\Users\Karel Florian\AppData\Roaming\dvdcss
2015-12-25 09:40:27 ----D---- C:\Users\Karel Florian\AppData\Roaming\Guitar Pro 6
2015-12-24 12:27:09 ----D---- C:\Windows\system32\catroot
2015-12-24 10:02:18 ----D---- C:\Users\Karel Florian\AppData\Roaming\uTorrent
2015-12-23 19:02:00 ----D---- C:\Users\Karel Florian\AppData\Roaming\DAEMON Tools Lite
2015-12-19 06:12:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-12-19 06:11:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-18 19:31:51 ----D---- C:\Windows\Microsoft.NET
2015-12-14 21:19:40 ----D---- C:\Windows\system32\vbox
2015-12-13 08:01:01 ----D---- C:\Windows\Debug
2015-12-11 18:55:33 ----RSD---- C:\Windows\assembly
2015-12-10 17:52:38 ----D---- C:\Windows\rescache
2015-12-10 17:31:52 ----D---- C:\Windows\system32\XPSViewer
2015-12-10 17:31:52 ----D---- C:\Windows\system32\migration
2015-12-10 17:31:50 ----D---- C:\Windows\system32\en-US
2015-12-10 17:31:50 ----D---- C:\Program Files\Internet Explorer
2015-12-10 15:37:25 ----D---- C:\Windows\winsxs
2015-12-10 15:32:44 ----D---- C:\Windows\system32\MRT
2015-12-10 15:25:33 ----A---- C:\Windows\system32\mrt.exe
2015-12-06 08:42:52 ----D---- C:\Program Files\Winamp
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-18 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-18 209432]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-15 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-23 320120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-18 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-18 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-18 436360]
R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2014-06-27 28120]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-06-12 56108]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-18 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec.sys [2015-06-19 67768]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-15 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-15 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-12-03 1175456]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-18 165104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2015-02-17 169992]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-01-23 3001048]
R3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 158344]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-03 214232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-24 418032]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-02-17 408280]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 84832]
S1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys [2014-08-27 108360]
S1 sp_rsdrv2;Spyware Terminator 2015 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys []
S1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\drivers\UGMDrv.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-18 58016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 cpuz134;cpuz134; \??\C:\Users\KARELF~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-12-29 19984]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-07-11 16608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2012-10-05 24096]
S3 MADFU008;MADFU008; C:\Windows\SYSTEM32\DRIVERS\MADFU008.sys [2007-07-02 15872]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 42248]
S3 MAUSBOZ;Service for M-Audio Ozone (WDM); C:\Windows\system32\DRIVERS\mausboz.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 27888]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Piesearch, please check my log
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
Karel florian
- Visitor

- Posts: 6
- Registered: 17 Jun 2007 06:40
Re: Piesearch, please check my log
# AdwCleaner v5.026 - Logfile created 29/12/2015 at 15:25:13
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (x86)
# Username : Karel Florian - KARELFLORIAN-PC
# Running from : C:\Users\Karel Florian\Desktop\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : sp_rsdrv2
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\iwin games
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iwin games
[-] Folder Deleted : C:\Users\Karel Florian\AppData\Roaming\ProgSense
***** [ Files ] *****
[-] File Deleted : C:\Users\Karel Florian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.piesearch.com_0.localstorage
[-] File Deleted : C:\Users\Karel Florian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.piesearch.com_0.localstorage-journal
[-] File Deleted : C:\Windows\system32\HMPV2_ENC.dll
[-] File Deleted : C:\Windows\system32\HMPV2_ENC_MMX.dll
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Karel Florian\Desktop\Google Chrome.lnk
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\NextLive
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\TornTvDownloader.File
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheTorntv V10-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\726208b3-97ef-4d8d-a2f9-de0d08bdf1f5
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\TornTv Downloader
[-] Key Deleted : HKCU\Software\ProgSense
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[-] Key Deleted : HKU\.DEFAULT\Software\TornTv Downloader
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheTorntv V10
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\TheTorntv V10
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
***** [ Web browsers ] *****
[-] [C:\Users\Karel Florian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch
[-] [C:\Users\Karel Florian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : google
[-] [C:\Users\Karel Florian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : piesearch.com
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [10451 bytes] ##########
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Piesearch, please check my log
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
Karel florian
- Visitor

- Posts: 6
- Registered: 17 Jun 2007 06:40
Re: Piesearch, please check my log
Piesearch is no longer a nuisance.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel Florian at 2015-12-29 20:44:40
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 17 GB (24%) free of 71 GB
Total RAM: 3000 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:23, on 29.12.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Norman\Npm\Bin\zlhh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Norman\nvc\bin\nvcrtui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Karel Florian\Desktop\RSIT.exe
C:\Program Files\trend micro\Karel Florian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Služba Google Update (gupdate1c9e7557eac6c25) (gupdate1c9e7557eac6c25) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MustangService DispalyName (MustangService_2015_10_10) - MustangService - C:\ProgramData\TempMoudleSet\MustangSer2739.exe
O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nfservice.exe
O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe
O23 - Service: Norman Resource Provider (NICCA) (nvoy) - Norman AS - C:\Program Files\Norman\Npm\Bin\nvoy.exe
O23 - Service: Norman WSC Monitor Service 2 (NWSCMON2) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
--
End of file - 7055 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-15 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-28 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-15 142896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-18 7021880]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-07 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-15 526896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KORG USB-MIDI Driver]
C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2012-10-05 393656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 809480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-01-23 12021464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM]
C:\Windows\snuvcdsm.exe [2011-01-13 30080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-24 2449648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UGMPan.exe]
UGMPan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2013-12-13 85600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UGM96 Control Panel.lnk]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"Midi1"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=wdmaud.drv
"midi6"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
======List of files/folders created in the last 1 month======
2015-12-29 11:42:16 ----D---- C:\ProgramData\Guitar Pro 6
2015-12-29 10:35:24 ----A---- C:\Users\Karel Florian\AppData\Roaming\msregsvv.dll
2015-12-29 09:12:44 ----D---- C:\rsit
2015-12-29 09:12:44 ----D---- C:\Program Files\trend micro
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\tdi_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\nnetsec.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl64.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl.sys
2015-12-29 08:30:03 ----A---- C:\Windows\system32\nscrnsav.scr
2015-12-29 08:30:02 ----A---- C:\Windows\system32\drivers\Trufos.sys
2015-12-29 08:28:09 ----D---- C:\Program Files\Norman
2015-12-29 07:28:04 ----A---- C:\autoexec.bat
2015-12-29 07:26:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-28 09:39:13 ----SHD---- C:\$RECYCLE.BIN
2015-12-28 09:34:55 ----A---- C:\Windows\zoek-delete.exe
2015-12-28 09:34:52 ----D---- C:\Windows\Temp
2015-12-28 08:29:02 ----D---- C:\zoek_backup
2015-12-27 16:39:46 ----D---- C:\ProgramData\TempMoudleSet
2015-12-23 18:18:19 ----D---- C:\Users\Karel Florian\AppData\Roaming\Acoustica
2015-12-23 18:18:04 ----D---- C:\Program Files\Acoustica CD Label Maker
2015-12-19 06:11:50 ----A---- C:\Windows\system32\sdnclean.exe
2015-12-18 18:39:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-18 18:38:40 ----A---- C:\Windows\avastSS.scr
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d2d1.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\win32k.sys
2015-12-10 15:37:05 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10.dll
2015-12-10 15:34:50 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:11 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:32:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-10 14:57:10 ----A---- C:\Windows\system32\vbscript.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\urlmon.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\mshta.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\jscript.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-10 14:57:09 ----A---- C:\Windows\system32\iertutil.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\url.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\jscript9.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\wininet.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\ieframe.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\ieui.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-10 14:57:03 ----A---- C:\Windows\system32\mshtml.dll
2015-12-06 08:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2015-12-06 08:42:24 ----D---- C:\Users\Karel Florian\AppData\Roaming\Winamp
======List of files/folders modified in the last 1 month======
2015-12-29 17:47:27 ----D---- C:\Program Files
2015-12-29 17:47:26 ----D---- C:\Users\Karel Florian\AppData\Roaming\Guitar Pro 6
2015-12-29 17:40:49 ----D---- C:\Users\Karel Florian\AppData\Roaming\uTorrent
2015-12-29 17:37:28 ----D---- C:\Downloads
2015-12-29 16:57:36 ----SHD---- C:\System Volume Information
2015-12-29 15:27:22 ----D---- C:\Windows
2015-12-29 15:25:38 ----D---- C:\Windows\System32
2015-12-29 15:25:13 ----HD---- C:\ProgramData
2015-12-29 15:25:13 ----D---- C:\AdwCleaner
2015-12-29 14:00:55 ----D---- C:\Users\Karel Florian\AppData\Roaming\Software Tool
2015-12-29 09:01:47 ----SD---- C:\ProgramData\Microsoft
2015-12-29 08:49:23 ----D---- C:\Windows\inf
2015-12-29 08:31:35 ----D---- C:\Windows\system32\drivers
2015-12-29 08:31:26 ----SHD---- C:\Windows\Installer
2015-12-29 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 07:27:34 ----D---- C:\Windows\Prefetch
2015-12-29 07:27:28 ----D---- C:\Windows\system32\Tasks
2015-12-28 11:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-28 09:19:59 ----HD---- C:\Windows\system32\GroupPolicy
2015-12-28 09:19:59 ----D---- C:\Windows\Tasks
2015-12-28 08:34:38 ----D---- C:\Program Files\Common Files
2015-12-27 18:35:14 ----D---- C:\Windows\system32\catroot2
2015-12-25 21:43:14 ----D---- C:\Users\Karel Florian\AppData\Roaming\vlc
2015-12-25 20:12:57 ----D---- C:\Users\Karel Florian\AppData\Roaming\dvdcss
2015-12-24 12:27:09 ----D---- C:\Windows\system32\catroot
2015-12-23 19:02:00 ----D---- C:\Users\Karel Florian\AppData\Roaming\DAEMON Tools Lite
2015-12-19 06:12:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-12-19 06:11:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-18 19:31:51 ----D---- C:\Windows\Microsoft.NET
2015-12-14 21:19:40 ----D---- C:\Windows\system32\vbox
2015-12-13 08:01:01 ----D---- C:\Windows\Debug
2015-12-11 18:55:33 ----RSD---- C:\Windows\assembly
2015-12-10 17:52:38 ----D---- C:\Windows\rescache
2015-12-10 17:31:52 ----D---- C:\Windows\system32\XPSViewer
2015-12-10 17:31:52 ----D---- C:\Windows\system32\migration
2015-12-10 17:31:50 ----D---- C:\Windows\system32\en-US
2015-12-10 17:31:50 ----D---- C:\Program Files\Internet Explorer
2015-12-10 15:37:25 ----D---- C:\Windows\winsxs
2015-12-10 15:32:44 ----D---- C:\Windows\system32\MRT
2015-12-10 15:25:33 ----A---- C:\Windows\system32\mrt.exe
2015-12-06 08:42:52 ----D---- C:\Program Files\Winamp
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-18 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-18 209432]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-15 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-23 320120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-18 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-18 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-18 436360]
R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2014-06-27 28120]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-06-12 56108]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-18 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec.sys [2015-06-19 67768]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-15 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-15 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-12-03 1175456]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-18 165104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2015-02-17 169992]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-01-23 3001048]
R3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 158344]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-03 214232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-24 418032]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-02-17 408280]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 84832]
S1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys [2014-08-27 108360]
S1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\drivers\UGMDrv.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-18 58016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 cpuz134;cpuz134; \??\C:\Users\KARELF~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-12-29 19984]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-07-11 16608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2012-10-05 24096]
S3 MADFU008;MADFU008; C:\Windows\SYSTEM32\DRIVERS\MADFU008.sys [2007-07-02 15872]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 42248]
S3 MAUSBOZ;Service for M-Audio Ozone (WDM); C:\Windows\system32\DRIVERS\mausboz.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 27888]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel Florian at 2015-12-29 20:44:40
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 17 GB (24%) free of 71 GB
Total RAM: 3000 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:23, on 29.12.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Program Files\Norman\Npm\Bin\zlhh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Norman\nvc\bin\nvcrtui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Karel Florian\Desktop\RSIT.exe
C:\Program Files\trend micro\Karel Florian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Služba Google Update (gupdate1c9e7557eac6c25) (gupdate1c9e7557eac6c25) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MustangService DispalyName (MustangService_2015_10_10) - MustangService - C:\ProgramData\TempMoudleSet\MustangSer2739.exe
O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nfservice.exe
O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe
O23 - Service: Norman Resource Provider (NICCA) (nvoy) - Norman AS - C:\Program Files\Norman\Npm\Bin\nvoy.exe
O23 - Service: Norman WSC Monitor Service 2 (NWSCMON2) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
--
End of file - 7055 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-15 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-28 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-15 142896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-18 7021880]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-07 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-15 526896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KORG USB-MIDI Driver]
C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2012-10-05 393656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 809480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-01-23 12021464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM]
C:\Windows\snuvcdsm.exe [2011-01-13 30080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-24 2449648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UGMPan.exe]
UGMPan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2013-12-13 85600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UGM96 Control Panel.lnk]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"Midi1"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=wdmaud.drv
"midi6"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
======List of files/folders created in the last 1 month======
2015-12-29 11:42:16 ----D---- C:\ProgramData\Guitar Pro 6
2015-12-29 10:35:24 ----A---- C:\Users\Karel Florian\AppData\Roaming\msregsvv.dll
2015-12-29 09:12:44 ----D---- C:\rsit
2015-12-29 09:12:44 ----D---- C:\Program Files\trend micro
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\tdi_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\nnetsec.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl64.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl.sys
2015-12-29 08:30:03 ----A---- C:\Windows\system32\nscrnsav.scr
2015-12-29 08:30:02 ----A---- C:\Windows\system32\drivers\Trufos.sys
2015-12-29 08:28:09 ----D---- C:\Program Files\Norman
2015-12-29 07:28:04 ----A---- C:\autoexec.bat
2015-12-29 07:26:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-28 09:39:13 ----SHD---- C:\$RECYCLE.BIN
2015-12-28 09:34:55 ----A---- C:\Windows\zoek-delete.exe
2015-12-28 09:34:52 ----D---- C:\Windows\Temp
2015-12-28 08:29:02 ----D---- C:\zoek_backup
2015-12-27 16:39:46 ----D---- C:\ProgramData\TempMoudleSet
2015-12-23 18:18:19 ----D---- C:\Users\Karel Florian\AppData\Roaming\Acoustica
2015-12-23 18:18:04 ----D---- C:\Program Files\Acoustica CD Label Maker
2015-12-19 06:11:50 ----A---- C:\Windows\system32\sdnclean.exe
2015-12-18 18:39:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-18 18:38:40 ----A---- C:\Windows\avastSS.scr
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d2d1.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\win32k.sys
2015-12-10 15:37:05 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10.dll
2015-12-10 15:34:50 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:11 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:32:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-10 14:57:10 ----A---- C:\Windows\system32\vbscript.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\urlmon.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\mshta.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\jscript.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-10 14:57:09 ----A---- C:\Windows\system32\iertutil.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\url.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\jscript9.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\wininet.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\ieframe.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\ieui.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-10 14:57:03 ----A---- C:\Windows\system32\mshtml.dll
2015-12-06 08:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2015-12-06 08:42:24 ----D---- C:\Users\Karel Florian\AppData\Roaming\Winamp
======List of files/folders modified in the last 1 month======
2015-12-29 17:47:27 ----D---- C:\Program Files
2015-12-29 17:47:26 ----D---- C:\Users\Karel Florian\AppData\Roaming\Guitar Pro 6
2015-12-29 17:40:49 ----D---- C:\Users\Karel Florian\AppData\Roaming\uTorrent
2015-12-29 17:37:28 ----D---- C:\Downloads
2015-12-29 16:57:36 ----SHD---- C:\System Volume Information
2015-12-29 15:27:22 ----D---- C:\Windows
2015-12-29 15:25:38 ----D---- C:\Windows\System32
2015-12-29 15:25:13 ----HD---- C:\ProgramData
2015-12-29 15:25:13 ----D---- C:\AdwCleaner
2015-12-29 14:00:55 ----D---- C:\Users\Karel Florian\AppData\Roaming\Software Tool
2015-12-29 09:01:47 ----SD---- C:\ProgramData\Microsoft
2015-12-29 08:49:23 ----D---- C:\Windows\inf
2015-12-29 08:31:35 ----D---- C:\Windows\system32\drivers
2015-12-29 08:31:26 ----SHD---- C:\Windows\Installer
2015-12-29 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 07:27:34 ----D---- C:\Windows\Prefetch
2015-12-29 07:27:28 ----D---- C:\Windows\system32\Tasks
2015-12-28 11:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-28 09:19:59 ----HD---- C:\Windows\system32\GroupPolicy
2015-12-28 09:19:59 ----D---- C:\Windows\Tasks
2015-12-28 08:34:38 ----D---- C:\Program Files\Common Files
2015-12-27 18:35:14 ----D---- C:\Windows\system32\catroot2
2015-12-25 21:43:14 ----D---- C:\Users\Karel Florian\AppData\Roaming\vlc
2015-12-25 20:12:57 ----D---- C:\Users\Karel Florian\AppData\Roaming\dvdcss
2015-12-24 12:27:09 ----D---- C:\Windows\system32\catroot
2015-12-23 19:02:00 ----D---- C:\Users\Karel Florian\AppData\Roaming\DAEMON Tools Lite
2015-12-19 06:12:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-12-19 06:11:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-18 19:31:51 ----D---- C:\Windows\Microsoft.NET
2015-12-14 21:19:40 ----D---- C:\Windows\system32\vbox
2015-12-13 08:01:01 ----D---- C:\Windows\Debug
2015-12-11 18:55:33 ----RSD---- C:\Windows\assembly
2015-12-10 17:52:38 ----D---- C:\Windows\rescache
2015-12-10 17:31:52 ----D---- C:\Windows\system32\XPSViewer
2015-12-10 17:31:52 ----D---- C:\Windows\system32\migration
2015-12-10 17:31:50 ----D---- C:\Windows\system32\en-US
2015-12-10 17:31:50 ----D---- C:\Program Files\Internet Explorer
2015-12-10 15:37:25 ----D---- C:\Windows\winsxs
2015-12-10 15:32:44 ----D---- C:\Windows\system32\MRT
2015-12-10 15:25:33 ----A---- C:\Windows\system32\mrt.exe
2015-12-06 08:42:52 ----D---- C:\Program Files\Winamp
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-18 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-18 209432]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-15 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-23 320120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-18 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-18 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-18 436360]
R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2014-06-27 28120]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-06-12 56108]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-18 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec.sys [2015-06-19 67768]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-15 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-15 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-12-03 1175456]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-18 165104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2015-02-17 169992]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-01-23 3001048]
R3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 158344]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-03 214232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-24 418032]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-02-17 408280]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 84832]
S1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys [2014-08-27 108360]
S1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\drivers\UGMDrv.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-18 58016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 cpuz134;cpuz134; \??\C:\Users\KARELF~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-12-29 19984]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-07-11 16608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2012-10-05 24096]
S3 MADFU008;MADFU008; C:\Windows\SYSTEM32\DRIVERS\MADFU008.sys [2007-07-02 15872]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 42248]
S3 MAUSBOZ;Service for M-Audio Ozone (WDM); C:\Windows\system32\DRIVERS\mausboz.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 27888]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Piesearch, please check my log
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
Karel florian
- Visitor

- Posts: 6
- Registered: 17 Jun 2007 06:40
Re: Piesearch, please check my log
Phew, I was starting to think the poor computer would never recover from this.
A message still pops up at startup ..Mustang Service stopped......but that is probably not the subject of this treatment
New log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel Florian at 2015-12-30 09:47:37
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 18 GB (25%) free of 71 GB
Total RAM: 3000 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:04, on 30.12.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Norman\Npm\Bin\zlhh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Karel Florian\Desktop\RSIT.exe
C:\Program Files\Norman\nvc\bin\nvcrtui.exe
C:\Program Files\trend micro\Karel Florian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Služba Google Update (gupdate1c9e7557eac6c25) (gupdate1c9e7557eac6c25) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MustangService DispalyName (MustangService_2015_10_10) - MustangService - C:\ProgramData\TempMoudleSet\MustangSer2739.exe
O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nfservice.exe
O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe
O23 - Service: Norman Resource Provider (NICCA) (nvoy) - Norman AS - C:\Program Files\Norman\Npm\Bin\nvoy.exe
O23 - Service: Norman WSC Monitor Service 2 (NWSCMON2) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
--
End of file - 6724 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-15 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-28 664184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-18 7021880]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-07 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-15 526896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KORG USB-MIDI Driver]
C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2012-10-05 393656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 809480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-01-23 12021464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM]
C:\Windows\snuvcdsm.exe [2011-01-13 30080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-24 2449648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UGMPan.exe]
UGMPan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2013-12-13 85600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UGM96 Control Panel.lnk]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"Midi1"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=wdmaud.drv
"midi6"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
======List of files/folders created in the last 1 month======
2015-12-30 09:27:03 ----D---- C:\_OTM
2015-12-29 11:42:16 ----D---- C:\ProgramData\Guitar Pro 6
2015-12-29 10:35:24 ----A---- C:\Users\Karel Florian\AppData\Roaming\msregsvv.dll
2015-12-29 09:12:44 ----D---- C:\rsit
2015-12-29 09:12:44 ----D---- C:\Program Files\trend micro
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\tdi_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\nnetsec.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl64.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl.sys
2015-12-29 08:30:03 ----A---- C:\Windows\system32\nscrnsav.scr
2015-12-29 08:30:02 ----A---- C:\Windows\system32\drivers\Trufos.sys
2015-12-29 08:28:09 ----D---- C:\Program Files\Norman
2015-12-29 07:28:04 ----A---- C:\autoexec.bat
2015-12-29 07:26:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-28 09:39:13 ----SHD---- C:\$RECYCLE.BIN
2015-12-28 09:34:55 ----A---- C:\Windows\zoek-delete.exe
2015-12-28 09:34:52 ----D---- C:\Windows\Temp
2015-12-28 08:29:02 ----D---- C:\zoek_backup
2015-12-27 16:39:46 ----D---- C:\ProgramData\TempMoudleSet
2015-12-23 18:18:19 ----D---- C:\Users\Karel Florian\AppData\Roaming\Acoustica
2015-12-23 18:18:04 ----D---- C:\Program Files\Acoustica CD Label Maker
2015-12-19 06:11:50 ----A---- C:\Windows\system32\sdnclean.exe
2015-12-18 18:39:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-18 18:38:40 ----A---- C:\Windows\avastSS.scr
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d2d1.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\win32k.sys
2015-12-10 15:37:05 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10.dll
2015-12-10 15:34:50 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:11 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:32:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-10 14:57:10 ----A---- C:\Windows\system32\vbscript.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\urlmon.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\mshta.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\jscript.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-10 14:57:09 ----A---- C:\Windows\system32\iertutil.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\url.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\jscript9.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\wininet.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\ieframe.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\ieui.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-10 14:57:03 ----A---- C:\Windows\system32\mshtml.dll
2015-12-06 08:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2015-12-06 08:42:24 ----D---- C:\Users\Karel Florian\AppData\Roaming\Winamp
======List of files/folders modified in the last 1 month======
2015-12-30 09:41:23 ----D---- C:\Windows
2015-12-30 09:27:04 ----D---- C:\Windows\Tasks
2015-12-30 09:25:11 ----D---- C:\Downloads
2015-12-29 17:47:27 ----D---- C:\Program Files
2015-12-29 17:47:26 ----D---- C:\Users\Karel Florian\AppData\Roaming\Guitar Pro 6
2015-12-29 17:40:49 ----D---- C:\Users\Karel Florian\AppData\Roaming\uTorrent
2015-12-29 16:57:36 ----SHD---- C:\System Volume Information
2015-12-29 15:25:38 ----D---- C:\Windows\System32
2015-12-29 15:25:13 ----HD---- C:\ProgramData
2015-12-29 15:25:13 ----D---- C:\AdwCleaner
2015-12-29 14:00:55 ----D---- C:\Users\Karel Florian\AppData\Roaming\Software Tool
2015-12-29 09:01:47 ----SD---- C:\ProgramData\Microsoft
2015-12-29 08:49:23 ----D---- C:\Windows\inf
2015-12-29 08:31:35 ----D---- C:\Windows\system32\drivers
2015-12-29 08:31:26 ----SHD---- C:\Windows\Installer
2015-12-29 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 07:27:34 ----D---- C:\Windows\Prefetch
2015-12-29 07:27:28 ----D---- C:\Windows\system32\Tasks
2015-12-28 11:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-28 09:19:59 ----HD---- C:\Windows\system32\GroupPolicy
2015-12-28 08:34:38 ----D---- C:\Program Files\Common Files
2015-12-27 18:35:14 ----D---- C:\Windows\system32\catroot2
2015-12-25 21:43:14 ----D---- C:\Users\Karel Florian\AppData\Roaming\vlc
2015-12-25 20:12:57 ----D---- C:\Users\Karel Florian\AppData\Roaming\dvdcss
2015-12-24 12:27:09 ----D---- C:\Windows\system32\catroot
2015-12-23 19:02:00 ----D---- C:\Users\Karel Florian\AppData\Roaming\DAEMON Tools Lite
2015-12-19 06:12:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-12-19 06:11:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-18 19:31:51 ----D---- C:\Windows\Microsoft.NET
2015-12-14 21:19:40 ----D---- C:\Windows\system32\vbox
2015-12-13 08:01:01 ----D---- C:\Windows\Debug
2015-12-11 18:55:33 ----RSD---- C:\Windows\assembly
2015-12-10 17:52:38 ----D---- C:\Windows\rescache
2015-12-10 17:31:52 ----D---- C:\Windows\system32\XPSViewer
2015-12-10 17:31:52 ----D---- C:\Windows\system32\migration
2015-12-10 17:31:50 ----D---- C:\Windows\system32\en-US
2015-12-10 17:31:50 ----D---- C:\Program Files\Internet Explorer
2015-12-10 15:37:25 ----D---- C:\Windows\winsxs
2015-12-10 15:32:44 ----D---- C:\Windows\system32\MRT
2015-12-10 15:25:33 ----A---- C:\Windows\system32\mrt.exe
2015-12-06 08:42:52 ----D---- C:\Program Files\Winamp
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-18 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-18 209432]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-15 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-23 320120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-18 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-18 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-18 436360]
R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2014-06-27 28120]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-06-12 56108]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-18 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec.sys [2015-06-19 67768]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-15 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-15 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-12-03 1175456]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-18 165104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2015-02-17 169992]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-01-23 3001048]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-03 214232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-24 418032]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-02-17 408280]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 84832]
S1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys [2014-08-27 108360]
S1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\drivers\UGMDrv.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-18 58016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 cpuz134;cpuz134; \??\C:\Users\KARELF~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-12-29 19984]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-07-11 16608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2012-10-05 24096]
S3 MADFU008;MADFU008; C:\Windows\SYSTEM32\DRIVERS\MADFU008.sys [2007-07-02 15872]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 42248]
S3 MAUSBOZ;Service for M-Audio Ozone (WDM); C:\Windows\system32\DRIVERS\mausboz.sys []
S3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 158344]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 27888]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
I also still get a pop-up at startup: "Mustang Service stopped"... but that is probably not the subject of this cleanup.
New log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel Florian at 2015-12-30 09:47:37
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 18 GB (25%) free of 71 GB
Total RAM: 3000 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:04, on 30.12.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16723)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norman\Npm\Bin\zlh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Norman\Npm\Bin\zlhh.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Karel Florian\Desktop\RSIT.exe
C:\Program Files\Norman\nvc\bin\nvcrtui.exe
C:\Program Files\trend micro\Karel Florian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Služba Google Update (gupdate1c9e7557eac6c25) (gupdate1c9e7557eac6c25) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: MustangService DispalyName (MustangService_2015_10_10) - MustangService - C:\ProgramData\TempMoudleSet\MustangSer2739.exe
O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nfservice.exe
O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe
O23 - Service: Norman Resource Provider (NICCA) (nvoy) - Norman AS - C:\Program Files\Norman\Npm\Bin\nvoy.exe
O23 - Service: Norman WSC Monitor Service 2 (NWSCMON2) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
--
End of file - 6724 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-15 312880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-28 664184]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-18 7021880]
"M-Audio Taskbar Icon"=C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-16 138808]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-07 34040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-15 526896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KORG USB-MIDI Driver]
C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [2012-10-05 393656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-07-25 809480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\Windows\system32\M-AudioTaskBarIcon.exe [2010-03-31 644104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2007-10-23 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\Windows\PLFSetL.exe [2008-07-03 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-01-23 12021464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
Skytel.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNUVCDSM]
C:\Windows\snuvcdsm.exe [2011-01-13 30080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2014-06-24 4566952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-24 2449648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UGMPan.exe]
UGMPan.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2013-12-13 85600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karel Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^UGM96 Control Panel.lnk]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-13 228864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"Midi1"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=wdmaud.drv
"midi6"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi9"=wdmaud.drv
======File associations======
.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
======List of files/folders created in the last 1 month======
2015-12-30 09:27:03 ----D---- C:\_OTM
2015-12-29 11:42:16 ----D---- C:\ProgramData\Guitar Pro 6
2015-12-29 10:35:24 ----A---- C:\Users\Karel Florian\AppData\Roaming\msregsvv.dll
2015-12-29 09:12:44 ----D---- C:\rsit
2015-12-29 09:12:44 ----D---- C:\Program Files\trend micro
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\tdi_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\nnetsec.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale7_nf.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf64.sys
2015-12-29 08:30:12 ----A---- C:\Windows\system32\drivers\ale_nf.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl64.sys
2015-12-29 08:30:11 ----A---- C:\Windows\system32\drivers\nnetsecl.sys
2015-12-29 08:30:03 ----A---- C:\Windows\system32\nscrnsav.scr
2015-12-29 08:30:02 ----A---- C:\Windows\system32\drivers\Trufos.sys
2015-12-29 08:28:09 ----D---- C:\Program Files\Norman
2015-12-29 07:28:04 ----A---- C:\autoexec.bat
2015-12-29 07:26:41 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-12-28 09:39:13 ----SHD---- C:\$RECYCLE.BIN
2015-12-28 09:34:55 ----A---- C:\Windows\zoek-delete.exe
2015-12-28 09:34:52 ----D---- C:\Windows\Temp
2015-12-28 08:29:02 ----D---- C:\zoek_backup
2015-12-27 16:39:46 ----D---- C:\ProgramData\TempMoudleSet
2015-12-23 18:18:19 ----D---- C:\Users\Karel Florian\AppData\Roaming\Acoustica
2015-12-23 18:18:04 ----D---- C:\Program Files\Acoustica CD Label Maker
2015-12-19 06:11:50 ----A---- C:\Windows\system32\sdnclean.exe
2015-12-18 18:39:43 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-18 18:38:40 ----A---- C:\Windows\avastSS.scr
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10level9.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d3d10_1.dll
2015-12-10 15:37:06 ----A---- C:\Windows\system32\d2d1.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\win32k.sys
2015-12-10 15:37:05 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10warp.dll
2015-12-10 15:37:05 ----A---- C:\Windows\system32\d3d10.dll
2015-12-10 15:34:50 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:11 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:33:02 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:32:45 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-10 14:57:10 ----A---- C:\Windows\system32\vbscript.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\urlmon.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\mshta.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedssync.exe
2015-12-10 14:57:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-10 14:57:10 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\jscript.dll
2015-12-10 14:57:09 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-10 14:57:09 ----A---- C:\Windows\system32\iertutil.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\url.dll
2015-12-10 14:57:08 ----A---- C:\Windows\system32\jscript9.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\wininet.dll
2015-12-10 14:57:07 ----A---- C:\Windows\system32\ieframe.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\ieui.dll
2015-12-10 14:57:06 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-10 14:57:03 ----A---- C:\Windows\system32\mshtml.dll
2015-12-06 08:42:32 ----D---- C:\Program Files\Common Files\PX Storage Engine
2015-12-06 08:42:24 ----D---- C:\Users\Karel Florian\AppData\Roaming\Winamp
======List of files/folders modified in the last 1 month======
2015-12-30 09:41:23 ----D---- C:\Windows
2015-12-30 09:27:04 ----D---- C:\Windows\Tasks
2015-12-30 09:25:11 ----D---- C:\Downloads
2015-12-29 17:47:27 ----D---- C:\Program Files
2015-12-29 17:47:26 ----D---- C:\Users\Karel Florian\AppData\Roaming\Guitar Pro 6
2015-12-29 17:40:49 ----D---- C:\Users\Karel Florian\AppData\Roaming\uTorrent
2015-12-29 16:57:36 ----SHD---- C:\System Volume Information
2015-12-29 15:25:38 ----D---- C:\Windows\System32
2015-12-29 15:25:13 ----HD---- C:\ProgramData
2015-12-29 15:25:13 ----D---- C:\AdwCleaner
2015-12-29 14:00:55 ----D---- C:\Users\Karel Florian\AppData\Roaming\Software Tool
2015-12-29 09:01:47 ----SD---- C:\ProgramData\Microsoft
2015-12-29 08:49:23 ----D---- C:\Windows\inf
2015-12-29 08:31:35 ----D---- C:\Windows\system32\drivers
2015-12-29 08:31:26 ----SHD---- C:\Windows\Installer
2015-12-29 08:21:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 07:27:34 ----D---- C:\Windows\Prefetch
2015-12-29 07:27:28 ----D---- C:\Windows\system32\Tasks
2015-12-28 11:16:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-28 09:19:59 ----HD---- C:\Windows\system32\GroupPolicy
2015-12-28 08:34:38 ----D---- C:\Program Files\Common Files
2015-12-27 18:35:14 ----D---- C:\Windows\system32\catroot2
2015-12-25 21:43:14 ----D---- C:\Users\Karel Florian\AppData\Roaming\vlc
2015-12-25 20:12:57 ----D---- C:\Users\Karel Florian\AppData\Roaming\dvdcss
2015-12-24 12:27:09 ----D---- C:\Windows\system32\catroot
2015-12-23 19:02:00 ----D---- C:\Users\Karel Florian\AppData\Roaming\DAEMON Tools Lite
2015-12-19 06:12:09 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-12-19 06:11:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-12-18 19:31:51 ----D---- C:\Windows\Microsoft.NET
2015-12-14 21:19:40 ----D---- C:\Windows\system32\vbox
2015-12-13 08:01:01 ----D---- C:\Windows\Debug
2015-12-11 18:55:33 ----RSD---- C:\Windows\assembly
2015-12-10 17:52:38 ----D---- C:\Windows\rescache
2015-12-10 17:31:52 ----D---- C:\Windows\system32\XPSViewer
2015-12-10 17:31:52 ----D---- C:\Windows\system32\migration
2015-12-10 17:31:50 ----D---- C:\Windows\system32\en-US
2015-12-10 17:31:50 ----D---- C:\Program Files\Internet Explorer
2015-12-10 15:37:25 ----D---- C:\Windows\winsxs
2015-12-10 15:32:44 ----D---- C:\Windows\system32\MRT
2015-12-10 15:25:33 ----A---- C:\Windows\system32\mrt.exe
2015-12-06 08:42:52 ----D---- C:\Program Files\Winamp
2015-12-02 13:25:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-18 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-18 209432]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-15 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-23 320120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-18 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-18 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-18 436360]
R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2014-06-27 28120]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-06-12 56108]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-18 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec.sys [2015-06-19 67768]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-15 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-15 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-12-03 1175456]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-18 165104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2015-02-17 169992]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-11-13 9037312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-01-23 3001048]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-01-03 214232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-01-24 418032]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-02-17 408280]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [2002-07-17 84832]
S1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec.sys [2014-08-27 108360]
S1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\drivers\UGMDrv.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-18 58016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 cpuz134;cpuz134; \??\C:\Users\KARELF~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-12-29 19984]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-07-11 16608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2012-10-05 24096]
S3 MADFU008;MADFU008; C:\Windows\SYSTEM32\DRIVERS\MADFU008.sys [2007-07-02 15872]
S3 MADFUOZONE;Service for M-Audio Ozone DFU; C:\Windows\system32\DRIVERS\MAudioOzone_DFU.sys [2010-03-31 42248]
S3 MAUSBOZ;Service for M-Audio Ozone (WDM); C:\Windows\system32\DRIVERS\mausboz.sys []
S3 MAUSBOZONE;Service for M-Audio Ozone; C:\Windows\system32\DRIVERS\MAudioOzone.sys [2010-03-31 158344]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-12 61440]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-24 27888]
S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432]
S3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\drivers\UGMwdm.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 USBNZ1X1;M-Audio Ozone Midi; C:\Windows\system32\drivers\usbnz1x1.sys [2007-07-02 22272]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 37704]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2007-12-17 75776]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service; C:\Windows\system32\drivers\zmghpau.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-12-18 226440]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-15 500784]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-07 110592]
R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\Npm\Bin\nfservice.exe [2015-02-17 196072]
R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-02-17 306360]
R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]
R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]
R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2015-02-17 248608]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-07 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2015-06-22 379936]
R2 nvoy;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\nvoy.exe [2013-06-27 222864]
R2 NWSCMON2;Norman WSC Monitor Service 2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [2015-09-15 232008]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-11 233472]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]
R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 177008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate1c9e7557eac6c25;Služba Google Update (gupdate1c9e7557eac6c25); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 MustangService_2015_10_10;MustangService DispalyName; C:\ProgramData\TempMoudleSet\MustangSer2739.exe [2015-12-15 235776]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe []
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Piesearch, please check my log
Double-click the file C:\Program Files\trend micro\Karel Florian.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O15 - Trusted Zone: *.line6.net
O20 - AppInit_DLLs:
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.