Napadeni virusem?Nelze klikat

[zuza12345]

Ahoj,nevim si rady.Nevim co presne se porouchalo ale po nacteni win (win7) nelze na nic klikat protoze kurzor stale cosi nacita.(podoba kolecka)
Nyni jsem v nouzovem rezimu,jedina moznost jak nyni ovladat me PC.
Antiviry mam:Avast,Eset.-Zadny si nevedel rady.
Original CD win jiz bohuzel nevlastnim

Mam podezreni ze jsem chytla nejaky zaludny vir.

Prosim o radu ci tip jak najit a odstranit problem.

Dekuji Zuza

[Rudy]

Zdravím!
Zkuste nastartovat do nouz. režimu. Pokud se bude systém chovat normálně, dejte log RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

[zuza12345]

Logfile of random's system information tool 1.09 (written by random/random)
Run by meno at 2012-04-08 20:47:16
Microsoft Windows 7 Home Premium
System drive C: has 171 GB (72%) free of 238 GB
Total RAM: 3835 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:26, on 8. 4. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files\ESET\ESET Smart Security\ecls.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\meno\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files\trend micro\meno.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files (x86)\MAX_EN_Atube\tbMAX_.dll
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: BrotherSoft Extreme - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files (x86)\MAX_EN_Atube\tbMAX_.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Search-Results Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: MAX EN Atube Toolbar - {b6315c48-f861-4913-9578-1b5fac41ebe0} - C:\Program Files (x86)\MAX_EN_Atube\tbMAX_.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Search-Results Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\meno\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\meno\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15871 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\helppane.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\ESET\ESET Smart Security\ecls.exe" /auto
\??\C:\Windows\system32\conhost.exe "1555703733-1252619778-1637612285-5557631321161953413-957289829-1900999788-110681104
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1284 CREDAT:145409
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1268.7dc7b40.550911103 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1268 plugin \\.\pipe\gecko-crash-server-pipe.1268
"C:\Users\meno\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\meno\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "{635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, wrc@avast.com:6.0.1289, engine@conduit.com:3.3.3.2, toolbar@ask.com:3.13.1.18132, {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.3.3.2, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.8, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://websearch.search-results.com/red ... YYYYYGB&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrch.xml
google.xml
McSiteAdvisor.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\
af-ZA@dictionaries.addons.mozilla.org
engine@conduit.com
toolbar@ask.com
{51a86bb3-6602-4c85-92a5-130ee4864f13}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}
{b6315c48-f861-4913-9578-1b5fac41ebe0}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
search-results.xml
SmileyCentral_1v.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-16 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-09 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6315c48-f861-4913-9578-1b5fac41ebe0}]
MAX EN Atube Toolbar - C:\Program Files (x86)\MAX_EN_Atube\tbMAX_.dll [2010-09-12 3863136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Search-Results Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-25 1515496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2012-03-16 253040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{b6315c48-f861-4913-9578-1b5fac41ebe0} - MAX EN Atube Toolbar - C:\Program Files (x86)\MAX_EN_Atube\tbMAX_.dll [2010-09-12 3863136]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Search-Results Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-25 1515496]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll [2011-01-17 175912]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\meno\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Facebook Update"=C:\Users\meno\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-28 137536]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-12-09 39408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe [2010-08-17 232912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"NBAgent"=c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
""= []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-10 932288]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-08-25 886760]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-12-09 296056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-08 20:47:18 ----D---- C:\Program Files\trend micro
2012-04-08 20:47:16 ----D---- C:\rsit
2012-03-24 21:27:19 ----D---- C:\Users\meno\AppData\Roaming\WinRAR
2012-03-24 21:27:14 ----D---- C:\Program Files\WinRAR
2012-03-24 21:24:12 ----D---- C:\Users\meno\AppData\Roaming\SharePod
2012-03-15 13:55:19 ----SHD---- C:\Config.Msi
2012-03-14 11:59:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 11:59:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 11:59:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-13 23:26:22 ----A---- C:\Windows\system32\win32k.sys
2012-03-13 23:26:19 ----A---- C:\Windows\system32\DWrite.dll
2012-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-13 23:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-03-13 23:26:17 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-13 23:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-03-13 23:26:16 ----A---- C:\Windows\system32\d2d1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-13 20:38:51 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-13 20:38:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-13 20:38:50 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-13 20:38:47 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-13 20:38:46 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-13 20:38:46 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-13 20:38:45 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-09 11:59:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-03-09 11:59:40 ----A---- C:\Windows\system32\mshtmled.dll
2012-03-09 11:59:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-03-09 11:59:39 ----A---- C:\Windows\system32\iertutil.dll
2012-03-09 11:59:38 ----A---- C:\Windows\SYSWOW64\url.dll
2012-03-09 11:59:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-03-09 11:59:38 ----A---- C:\Windows\system32\url.dll
2012-03-09 11:59:38 ----A---- C:\Windows\system32\jscript9.dll
2012-03-09 11:59:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-03-09 11:59:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-03-09 11:59:37 ----A---- C:\Windows\system32\jscript.dll
2012-03-09 11:59:37 ----A---- C:\Windows\system32\ieui.dll
2012-03-09 11:59:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-03-09 11:59:36 ----A---- C:\Windows\system32\urlmon.dll
2012-03-09 11:59:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-03-09 11:59:34 ----A---- C:\Windows\system32\wininet.dll
2012-03-09 11:59:34 ----A---- C:\Windows\system32\jsproxy.dll
2012-03-09 11:59:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-03-09 11:59:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-03-09 11:59:29 ----A---- C:\Windows\system32\mshtml.dll
2012-03-09 11:59:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-03-09 11:59:26 ----A---- C:\Windows\system32\ieframe.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\wextract.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\webcheck.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\vbscript.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\pngfilt.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\occache.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msrating.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msls31.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\mshtmler.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\mshta.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeedssync.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeeds.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\licmgr10.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\inseng.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\imgutil.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iexpress.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieUnatt.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iesysprep.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iesetup.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iernonce.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iepeers.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iedkcs32.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieapfltr.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieapfltr.dat
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieakui.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieaksie.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieakeng.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ie4uinit.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\icardie.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\dxtrans.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\dxtmsft.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\admparse.dll

======List of files/folders modified in the last 1 month======

2012-04-08 20:47:21 ----D---- C:\Windows\Temp
2012-04-08 20:47:18 ----RD---- C:\Program Files
2012-04-08 20:21:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-08 19:29:11 ----D---- C:\Windows\System32
2012-04-08 19:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-08 19:29:10 ----D---- C:\Windows\inf
2012-04-08 19:25:43 ----A---- C:\Windows\ntbtlog.txt
2012-04-08 17:29:00 ----D---- C:\Windows\Prefetch
2012-04-08 17:24:33 ----D---- C:\Windows
2012-04-08 17:24:32 ----D---- C:\Windows\SysWOW64
2012-04-08 17:24:10 ----D---- C:\Windows\system32\wfp
2012-04-08 17:24:08 ----D---- C:\Windows\system32\wbem
2012-04-08 17:23:11 ----D---- C:\Windows\system32\config
2012-04-08 17:23:06 ----D---- C:\Windows\Tasks
2012-04-08 17:23:06 ----D---- C:\Windows\system32\DriverStore
2012-04-08 17:23:06 ----D---- C:\Windows\system32\catroot2
2012-04-08 17:23:05 ----D---- C:\Windows\system32\Tasks
2012-04-08 17:23:05 ----D---- C:\Windows\system32\CodeIntegrity
2012-04-08 17:23:04 ----D---- C:\Windows\AppCompat
2012-04-08 17:22:59 ----D---- C:\Windows\registration
2012-04-08 17:22:50 ----D---- C:\Users\meno\AppData\Roaming\Skype
2012-04-08 17:22:49 ----D---- C:\ProgramData\Real
2012-04-08 17:20:17 ----SHD---- C:\System Volume Information
2012-03-30 23:33:14 ----D---- C:\Program Files (x86)
2012-03-30 23:33:11 ----SHD---- C:\Windows\Installer
2012-03-27 22:43:44 ----D---- C:\Windows\Minidump
2012-03-25 08:42:37 ----D---- C:\Windows\twain_32
2012-03-24 20:21:56 ----D---- C:\Windows\system32\NDF
2012-03-24 12:47:20 ----D---- C:\Users\meno\AppData\Roaming\Mozilla
2012-03-20 16:54:47 ----RSD---- C:\Windows\assembly
2012-03-20 16:54:47 ----D---- C:\Windows\Microsoft.NET
2012-03-16 11:24:43 ----D---- C:\ProgramData\Microsoft Help
2012-03-15 13:52:58 ----A---- C:\Windows\win.ini
2012-03-14 13:33:03 ----D---- C:\Windows\winsxs
2012-03-14 12:00:37 ----D---- C:\Windows\system32\catroot
2012-03-14 11:54:14 ----D---- C:\Windows\system32\drivers
2012-03-14 00:22:09 ----A---- C:\Windows\system32\MRT.exe
2012-03-10 15:47:05 ----D---- C:\Windows\rescache
2012-03-09 14:07:58 ----D---- C:\Windows\SYSWOW64\migration
2012-03-09 14:07:58 ----D---- C:\Program Files\Internet Explorer
2012-03-09 14:07:58 ----D---- C:\Program Files (x86)\Internet Explorer
2012-03-09 14:07:57 ----D---- C:\Windows\system32\migration
2012-03-09 10:35:33 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-03-09 10:35:33 ----D---- C:\Windows\system32\sk-SK
2012-03-09 10:35:30 ----D---- C:\Windows\SYSWOW64\en-US
2012-03-09 10:35:27 ----D---- C:\Windows\PolicyDefinitions
2012-03-09 10:35:26 ----D---- C:\Windows\system32\en-US
2012-03-09 10:12:56 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33608]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 acedrv07;acedrv07; \??\C:\Windows\system32\drivers\acedrv07.sys [2011-09-18 125440]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2011-09-04 335288]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-09-19 310984]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 44944]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-09-19 42696]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 20992]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-11-06 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-11-06 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
S2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-09-17 651776]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[zuza12345]

Tak jak to se mnou vypada?
Mam neco udelat?Combofix nebo take neco?

[Rudy]

Nejdříve z toho vyházíme zbytečnosti. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu, Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\ICQ6Toolbar
C:\Program Files (x86)\MAX_EN_Atube
C:\Program Files (x86)\BrotherSoft_Extreme
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
C:\Program Files (x86)\ConduitEngine
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Microsoft\BingBar
C:\Users\meno\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3722407231-4164073853-3982033338-1000UA.job
C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\searchplugins\conduit.xml

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6315c48-f861-4913-9578-1b5fac41ebe0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
"swg"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-

:services
ICQ Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[zuza12345]

Logfile of random's system information tool 1.09 (written by random/random)
Run by meno at 2012-04-08 22:03:54
Microsoft Windows 7 Home Premium
System drive C: has 181 GB (76%) free of 238 GB
Total RAM: 3835 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:58, on 8. 4. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\meno.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {b6315c48-f861-4913-9578-1b5fac41ebe0} - (no file)
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\meno\Desktop\OTM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\meno\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bing Bar Update Service (BBSvc) - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SeaPort - Unknown owner - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13176 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Users\meno\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "{635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, wrc@avast.com:6.0.1289, engine@conduit.com:3.3.3.2, toolbar@ask.com:3.13.1.18132, {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.3.3.2, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.5.0.12, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://websearch.search-results.com/red ... YYYYYGB&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198]
"Description"=15.0.0.198
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrch.xml
google.xml
McSiteAdvisor.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\
af-ZA@dictionaries.addons.mozilla.org
engine@conduit.com
toolbar@ask.com
{51a86bb3-6602-4c85-92a5-130ee4864f13}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}
{b6315c48-f861-4913-9578-1b5fac41ebe0}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
search-results.xml
SmileyCentral_1v.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\meno\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_Plugin.exe [2010-08-17 232912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"NBAgent"=c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
""= []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-10 932288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2011-12-09 296056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"=grpconv -o []
"OTM"=C:\Users\meno\Desktop\OTM.exe [2012-04-08 523264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-08 21:46:32 ----D---- C:\_OTM
2012-04-08 21:22:29 ----D---- C:\Users\meno\AppData\Roaming\Systweak
2012-04-08 21:22:28 ----A---- C:\Windows\system32\roboot64.exe
2012-04-08 21:22:26 ----D---- C:\Program Files (x86)\RegClean Pro
2012-04-08 20:47:18 ----D---- C:\Program Files\trend micro
2012-04-08 20:47:16 ----D---- C:\rsit
2012-03-24 21:27:19 ----D---- C:\Users\meno\AppData\Roaming\WinRAR
2012-03-24 21:27:14 ----D---- C:\Program Files\WinRAR
2012-03-24 21:24:12 ----D---- C:\Users\meno\AppData\Roaming\SharePod
2012-03-15 13:55:19 ----SHD---- C:\Config.Msi
2012-03-14 11:59:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 11:59:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 11:59:25 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-13 23:26:22 ----A---- C:\Windows\system32\win32k.sys
2012-03-13 23:26:19 ----A---- C:\Windows\system32\DWrite.dll
2012-03-13 23:26:18 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-13 23:26:17 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-03-13 23:26:17 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-13 23:26:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-13 23:26:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-03-13 23:26:16 ----A---- C:\Windows\system32\d2d1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-03-13 23:26:15 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-13 20:38:51 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-13 20:38:51 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-13 20:38:50 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-13 20:38:47 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-13 20:38:46 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-13 20:38:46 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-13 20:38:45 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-09 11:59:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-03-09 11:59:40 ----A---- C:\Windows\system32\mshtmled.dll
2012-03-09 11:59:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-03-09 11:59:39 ----A---- C:\Windows\system32\iertutil.dll
2012-03-09 11:59:38 ----A---- C:\Windows\SYSWOW64\url.dll
2012-03-09 11:59:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-03-09 11:59:38 ----A---- C:\Windows\system32\url.dll
2012-03-09 11:59:38 ----A---- C:\Windows\system32\jscript9.dll
2012-03-09 11:59:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-03-09 11:59:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-03-09 11:59:37 ----A---- C:\Windows\system32\jscript.dll
2012-03-09 11:59:37 ----A---- C:\Windows\system32\ieui.dll
2012-03-09 11:59:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-03-09 11:59:36 ----A---- C:\Windows\system32\urlmon.dll
2012-03-09 11:59:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-03-09 11:59:34 ----A---- C:\Windows\system32\wininet.dll
2012-03-09 11:59:34 ----A---- C:\Windows\system32\jsproxy.dll
2012-03-09 11:59:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-03-09 11:59:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-03-09 11:59:29 ----A---- C:\Windows\system32\mshtml.dll
2012-03-09 11:59:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-03-09 11:59:26 ----A---- C:\Windows\system32\ieframe.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\wextract.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\occache.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msrating.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msls31.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\mshta.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\inseng.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieakui.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieaksie.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ieakeng.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\icardie.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2012-03-09 10:11:18 ----A---- C:\Windows\SYSWOW64\admparse.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\wextract.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\webcheck.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\vbscript.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\pngfilt.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\occache.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msrating.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msls31.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\mshtmler.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\mshta.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeedssync.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\msfeeds.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\licmgr10.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\inseng.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\imgutil.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iexpress.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieUnatt.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iesysprep.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iesetup.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iernonce.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iepeers.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\iedkcs32.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieapfltr.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieapfltr.dat
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieakui.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieaksie.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ieakeng.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\ie4uinit.exe
2012-03-09 10:11:17 ----A---- C:\Windows\system32\icardie.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\dxtrans.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\dxtmsft.dll
2012-03-09 10:11:17 ----A---- C:\Windows\system32\admparse.dll

======List of files/folders modified in the last 1 month======

2012-04-08 22:03:52 ----D---- C:\Windows\Temp
2012-04-08 22:03:16 ----A---- C:\Windows\ntbtlog.txt
2012-04-08 22:01:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-08 21:48:23 ----D---- C:\Windows
2012-04-08 21:47:07 ----D---- C:\Windows\Tasks
2012-04-08 21:47:06 ----D---- C:\Program Files (x86)\Microsoft
2012-04-08 21:46:33 ----D---- C:\Program Files (x86)\Google
2012-04-08 21:46:33 ----D---- C:\Program Files (x86)
2012-04-08 21:22:28 ----D---- C:\Windows\System32
2012-04-08 21:04:30 ----D---- C:\Program Files (x86)\DsNET Corp
2012-04-08 21:04:29 ----D---- C:\Windows\SysWOW64
2012-04-08 20:47:18 ----RD---- C:\Program Files
2012-04-08 19:29:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-08 19:29:10 ----D---- C:\Windows\inf
2012-04-08 17:29:00 ----D---- C:\Windows\Prefetch
2012-04-08 17:24:10 ----D---- C:\Windows\system32\wfp
2012-04-08 17:24:08 ----D---- C:\Windows\system32\wbem
2012-04-08 17:23:11 ----D---- C:\Windows\system32\config
2012-04-08 17:23:06 ----D---- C:\Windows\system32\DriverStore
2012-04-08 17:23:06 ----D---- C:\Windows\system32\catroot2
2012-04-08 17:23:05 ----D---- C:\Windows\system32\Tasks
2012-04-08 17:23:05 ----D---- C:\Windows\system32\CodeIntegrity
2012-04-08 17:23:04 ----D---- C:\Windows\AppCompat
2012-04-08 17:22:59 ----D---- C:\Windows\registration
2012-04-08 17:22:50 ----D---- C:\Users\meno\AppData\Roaming\Skype
2012-04-08 17:22:49 ----D---- C:\ProgramData\Real
2012-04-08 17:20:17 ----SHD---- C:\System Volume Information
2012-03-30 23:33:11 ----SHD---- C:\Windows\Installer
2012-03-27 22:43:44 ----D---- C:\Windows\Minidump
2012-03-25 08:42:37 ----D---- C:\Windows\twain_32
2012-03-24 20:21:56 ----D---- C:\Windows\system32\NDF
2012-03-24 12:47:20 ----D---- C:\Users\meno\AppData\Roaming\Mozilla
2012-03-20 16:54:47 ----RSD---- C:\Windows\assembly
2012-03-20 16:54:47 ----D---- C:\Windows\Microsoft.NET
2012-03-16 11:24:43 ----D---- C:\ProgramData\Microsoft Help
2012-03-15 13:52:58 ----A---- C:\Windows\win.ini
2012-03-14 13:33:03 ----D---- C:\Windows\winsxs
2012-03-14 12:00:37 ----D---- C:\Windows\system32\catroot
2012-03-14 11:54:14 ----D---- C:\Windows\system32\drivers
2012-03-14 00:22:09 ----A---- C:\Windows\system32\MRT.exe
2012-03-10 15:47:05 ----D---- C:\Windows\rescache
2012-03-09 14:07:58 ----D---- C:\Windows\SYSWOW64\migration
2012-03-09 14:07:58 ----D---- C:\Program Files\Internet Explorer
2012-03-09 14:07:58 ----D---- C:\Program Files (x86)\Internet Explorer
2012-03-09 14:07:57 ----D---- C:\Windows\system32\migration
2012-03-09 10:35:33 ----D---- C:\Windows\SYSWOW64\sk-SK
2012-03-09 10:35:33 ----D---- C:\Windows\system32\sk-SK
2012-03-09 10:35:30 ----D---- C:\Windows\SYSWOW64\en-US
2012-03-09 10:35:27 ----D---- C:\Windows\PolicyDefinitions
2012-03-09 10:35:26 ----D---- C:\Windows\system32\en-US
2012-03-09 10:12:56 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33608]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 acedrv07;acedrv07; \??\C:\Windows\system32\drivers\acedrv07.sys [2011-09-18 125440]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2011-09-04 335288]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-09-19 310984]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-12-18 44944]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-09-19 42696]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2009-03-23 20992]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-11-06 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-11-06 27176]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
S2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE []
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-09-17 651776]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

stale jsem v nouzovem rezimu.po restartu zustala pouze cerna obrazovka(normalni rezim).

[Rudy]

Dvouklikem na C:\Program Files\trend micro\meno.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {b6315c48-f861-4913-9578-1b5fac41ebe0} - (no file)
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
R3 - URLSearchHook: (no name) - - (no file)

Klikněte na >FixChecked< a restartujte PC.

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[zuza12345]

ComboFix 12-04-08.02 - meno . 04. 2012 11:13:10.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3835.2360 [GMT 1:00]
Running from: c:\users\meno\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\TOSHIBA
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\0c.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile-CMSM.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\consfile.txt
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def-V.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.dckev
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\Cmsm\def.mck
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database
c:\programdata\TOSHIBA\SmartFaceV\FaceLib\LIB\config_id_database.dat
c:\programdata\TOSHIBA\SmartFaceV\FaceRecogLog\FaceRecogLog
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVCam.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVSetting.ini
c:\programdata\TOSHIBA\SmartFaceV\SmartFaceVWatcher.ini
c:\programdata\TOSHIBA\SmartFaceV\Users\userdata.dat
c:\programdata\TOSHIBA\TSS\ToshibaUpdates.xml
c:\users\meno\AppData\Roaming\Toshiba
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards.xml.bak
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\Board.xml.bak
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\6707b0cd-082a-4b90-bcf3-1b42b948b9f7\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\109ecccd-40af-4ee7-b6e5-8569155e9497\Get Started Board_layer_r4_c70.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\2046a6be-1dd1-4c9e-8abf-78a409dcbda1\Get Started Board_layer_r2_c50.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\26f46300-2963-4b51-8b72-ab5327c868da\Get Started Board_layer_r5_c100.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\6a5e2063-8a89-41e7-b7d5-6aae76a3c842\Get Started Board_layer_r2_c20.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\ad2e3ad8-3cc5-41f2-9dd1-4836bea528ad\Get Started Board_layer_r5_c40.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\bc608d8c-7da1-4b6f-b7d3-8fce18425a17\IMG_2866000000.jpg.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\Board.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.icon.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\8f210e83-be23-4aa7-9ad2-52cc0525878d\f8891314-3d75-41ad-a271-0e603518934d\Get Started Board_layer_r2_c110.png.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\board1.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c110.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c20.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r2_c50.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r4_c70.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c100.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Get Started Board_layer_r5_c40.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\Help_Top000000.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Boards\IMG_2866000000.jpg
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\BulletinBoardLog.txt
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\screenshot.png
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Settings.xml.bak
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\Share.xml
c:\users\meno\AppData\Roaming\Toshiba\BulletinBoard\ToshibaBoardSettings.xml
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUAppData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTime.MRUFileData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\Exception.log
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUAppData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\ReelTime.MRUFileData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\ReelTime.setting.xml
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0234f973-ccd8-432c-b8f9-0f8ee72f9862.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\031b2b13-9636-4778-a63e-b0863b6f26e6.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0547971f-d34f-4a52-af39-daa4bc2e8a30.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\06a1ce2a-2b03-4a2f-bd3d-05648b9e8582.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0851a7a0-bcfe-4fef-b788-ceed82c0b35d.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\09af2645-bab8-4883-97b5-d88643745d98.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0a934478-4a4b-43b1-8a56-17bcc875a731.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0bb7271e-94b4-4c48-8b81-c339cbc99674.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0bf80623-7cb0-4cfb-9317-73bba60e116a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0e46bda3-e7cc-4eb7-849e-8899d0a67ede.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0ebabe6a-4e1f-48bd-a725-3752948494d8.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\0ec6f9d6-94d3-4d47-b4cb-281429a418a9.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\10cdf84d-9bbe-489c-add8-cec67c7f3563.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1173e015-0cc9-47d9-b890-df50c197d874.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\12853d9c-1f51-4829-bd76-ab9e87278a70.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1298383b-9cdc-49d1-b4dd-5eac10011506.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\18dfb1ee-a7e3-4456-a718-c12e3796f712.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1ca559ba-cf00-4dcd-a45b-990b0723dc97.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1d4879d5-d6b1-4df6-8a84-953c25db4e12.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1dade955-29c6-4dc0-a2ad-00d4f481e1c5.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1dd36ef9-4692-402c-b7b1-f5c08fef0186.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\1e1f83f1-b8e8-454d-8469-dd237e8038b3.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\210b63b8-1efe-48e2-bb92-c09330ffe287.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\21574ef1-c54b-42f6-bee3-f753e228d18e.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\235f5062-0cab-490b-b15d-ce5cc493f7db.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\24d1c6e5-badc-4154-a7ab-63e8b28101b1.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\281e2b49-5b97-4575-a0b8-e5e87b45ce4c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\2958dcd3-582b-4f92-8b67-ec5adff257ba.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\2b8d4d33-fc9d-4e1c-bf7d-cd27a1a61b42.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\2d4c71d5-60e3-4b33-b78a-21d7032e6509.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\3229e4cf-0234-4ac4-8bd3-e70bd0758410.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\35a37250-e00b-4056-8c2e-a175524c0229.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\390efece-779d-42cb-9a47-4373b6116b39.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\3a83f670-e4a3-45ef-802d-2e40e8cd05c0.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\3b52d0dc-e9db-406d-a1c6-aac22ae1b1d3.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\3b6ff72b-7b85-46c1-834e-ce718637353a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\3d319c97-e12d-40e8-b1d5-c2fd77e3b8ed.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\411723b4-ded6-4709-b1ce-3942178ca0a7.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\422a1016-6e5e-4932-a5a8-ed44f690b838.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\45f275c8-b663-4888-85e8-d68a13dbe86d.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\46cba4b3-d0b9-4173-abe7-a7308282b69c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\4791b308-e669-429d-8ae6-36605b30d822.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\497f76ed-58a9-4aed-8161-ff00311cf54c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\4a32015c-fa85-442b-a97f-8fa0d34843da.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\4a7920b6-f838-45d8-b272-23ba81707335.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\4c9518ed-6675-4141-85da-a5f92da0b977.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\4d3b9727-327b-4a42-a3c2-09d22e6a8101.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\502b5c6e-50b0-4f28-93e2-9ed84ef91d78.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\50e7a4d7-df2a-4dc9-ae4d-abc09784e185.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\5211c4e7-cbc2-46cb-90b1-4d9c6c2e1f07.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\54b3d3fc-f4b1-4d02-9fa5-2c07946629e8.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\551e147b-9415-4a15-a1cc-28a74a2f4c40.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\5acc458b-5c4b-437d-9051-0cb1bb0000c9.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\5cbcf109-0a01-4664-9f3c-b6544cadaafc.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\60593e97-cf16-4706-8472-1d2ac6671e08.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\62871262-69d9-48bd-9e6c-898f34358e81.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\64b85d9a-7962-4833-89c3-ef4c0c0206f6.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\65cd8915-2e27-4196-b3f6-bf30416ec507.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\65ebc34b-533e-45ca-99f0-5b433602af9b.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\69eb13cc-d93c-45e0-aa1b-e08385916f3a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\6d29a76c-3fb9-4ee2-b1ba-4681c9137a46.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\6e7ec023-2ad0-4d1b-b3ed-de7f9776fe21.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\702b3fd2-4f8c-4cf7-a4a9-9c9585f34c52.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\72357b20-9a50-4806-8966-3fbd5eaca93b.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\73168973-82c8-4c81-b6d2-6468ec7fc794.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\732fe02d-e46f-449e-aec6-db86a9f9cf36.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\76c17913-c1b8-4dd2-9f5e-856e229b2f69.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\773f4440-7f2d-4d9a-ae77-5537fc0053ce.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\780048a8-bf27-4102-ada3-c16a5f8f7ce2.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\79ab1579-fb28-4a58-b531-9e27cbd9e098.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\79df630c-fa3a-4ebb-91eb-71456a9c4276.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\7a67b601-36f7-4121-8d10-23334a1e78fb.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\7b55b583-c5e4-4f60-b7b7-af99492b1a52.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\7d3d1668-edb5-48aa-ab65-530fd2337b61.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\7de9500e-1140-4631-b0d4-c16e080684de.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\800a94c4-2eda-419a-ae4a-3e910778f637.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\80e387f5-547c-4148-96f8-7bf96652f53e.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\81ef3db3-bbc8-4662-8c42-f76332f0d05f.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\842ac073-b71a-4414-bbcf-b2b29e0e2d8b.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\858a6027-7775-4dd4-9538-15c250656886.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\866290a5-b9c5-41cc-b983-5ce0d74e7a17.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\883d6e2a-68fb-4283-b7fb-bb89fc658e1a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\893e0d31-dcf0-49c8-a5b4-291c5f91e215.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\8b4012bf-5fac-489f-a309-3c18106d19bb.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\8d68be7b-e1d8-4da4-8ae4-7acd91c8bf5e.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\8e77bd15-8307-41b6-a754-09fff1471b8f.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\8f339c06-21b0-4b3c-82a3-bc86a9b48853.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9066147c-bc08-42cd-aafa-d5236a7c1fca.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\926cc388-d6c9-4fd8-8973-2128c02c30b5.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\94020987-c27c-4402-a07b-6453c7474740.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\96ee238b-5390-4f17-a397-4f21da887c3c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9888bf01-e1fb-4468-95b6-2e1400f55318.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\99500ea9-be90-48f6-905f-64390d9e3d16.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\995a4e19-d4d7-4d4f-8cfd-0f5fd37777c1.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9af69bc3-110f-4ff7-8d25-d88e170f26d2.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9b282abe-d469-41dd-82e2-e548266d0d75.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9b45fb7e-c973-4a31-88ac-951efd8993cb.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\9d8a7241-b455-40c6-996c-1d0b35c10798.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\a17591cf-0fba-4f48-9503-d93bca954532.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\a3638c97-79c5-4be9-95fd-861603c0b0d5.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\a5ab24ae-c2cb-40ec-a0e2-02924bb7e4f7.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\ac93a107-ab81-4ab1-8093-4481fa6b54ce.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\ad819829-64ce-48b8-b211-7772996e1486.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\aeefef56-6089-4aae-b839-a5800617ce21.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\af0e9ec3-13a9-4081-bedf-6bef2c7f4615.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\b12abc58-5084-49c0-b339-300b45b6b242.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\b663e839-74d2-4494-9ded-223d92bb5977.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\b6f8ed3d-d7ed-4b88-a46d-8214b26c4dcf.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\b771f876-c485-4808-bb8c-9fc997790bf6.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c2bf2cd9-7a84-4bb3-86eb-a48c52edc24b.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c2c4eaa3-a8bf-4843-86a7-5d62d111b48f.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c2cbf125-c72b-4fa0-8154-edd4a22fadc3.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c414652c-88fb-4b2e-af2b-a2311c3d8a4e.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c5a24a84-357c-4e01-9213-7004585d2dff.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c8ae84ee-1b8c-4a03-a993-8c20a6672161.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\c9694074-77b0-44be-8b09-d2883d823861.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\ce15e620-dccc-4eb2-823f-b9566be58e14.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\cec891de-6981-403d-ae02-64dde0bb6f1a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\cfa557dc-09b3-43a7-aebb-3b7dba70914f.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d10dd917-e8ce-46b0-bfff-cf6bf2b1c210.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d18a9cb1-e64b-41b4-8fef-1cf15f38a61d.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d1c858c3-5504-4a24-8cff-dfcf563f82f4.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d1c94650-e15f-40d6-b217-81499e9da520.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d2caba5d-ac5e-489c-a811-2a8f1c4421e5.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d58de712-f3f3-481a-ac2a-6820e59ed257.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d5e57ac1-74e1-4ebc-871a-f3d6971628f8.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d615017c-5050-47cd-b112-9cd481ec65e8.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d7ddbbc5-9add-486d-87d6-914057959519.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\d9887273-c4b2-4a5f-b7c0-9ef089ffa68a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\dcb69103-41d8-4745-a9ff-2e9bb17725a8.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\e70ab05c-aeed-4be5-9ead-1268cfa39b8a.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\e772a125-5e1e-4559-b717-0e26f7649431.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\e96329ac-dc65-4f91-993d-2b69c1e2a795.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\ebad7edf-9f97-432f-89f5-14a9dc6f7884.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\eee8e7c8-9e04-4fc9-9564-9ad0236fa63e.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\efe2933f-0d45-4364-9ad4-43ea82d80367.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\eff7a142-39f3-4674-8621-c208f76ff3bb.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\f0954d71-e654-45f9-bbe2-fbf1a6e4bdc4.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\f46ed229-ec44-47ff-a64d-7fcecad74b8c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\f516755f-bd3a-45ee-b9fb-36a4251ce0bd.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\f545bbea-35a4-4a51-bb9f-ea15d0df6257.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\f7d6de54-913e-46be-9153-53d3da95b6ba.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\fc045d21-8d15-4a73-b332-df3910723b85.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\fe090a4f-cbee-4a40-878b-f2b4247f973c.png
c:\users\meno\AppData\Roaming\Toshiba\ReelTime\UserData\fe862aee-70bc-4e88-aef2-c3e664d72821.png
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 10:21 . 2012-04-09 10:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-09 10:15 . 2012-04-09 10:15 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5928E7E-1912-4164-97CB-6A236710A809}\offreg.dll
2012-04-09 10:09 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5928E7E-1912-4164-97CB-6A236710A809}\mpengine.dll
2012-04-08 20:46 . 2012-04-08 20:46 -------- d-----w- C:\_OTM
2012-04-08 20:22 . 2012-04-08 20:22 -------- d-----w- c:\users\meno\AppData\Roaming\Systweak
2012-04-08 20:22 . 2011-07-07 12:26 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-04-08 20:22 . 2012-04-08 20:22 -------- d-----w- c:\program files (x86)\RegClean Pro
2012-04-08 19:47 . 2012-04-09 09:50 -------- d-----w- c:\program files\trend micro
2012-04-08 19:47 . 2012-04-08 19:47 -------- d-----w- C:\rsit
2012-03-24 20:24 . 2012-03-24 20:24 -------- d-----w- c:\users\meno\AppData\Roaming\SharePod
2012-03-14 10:59 . 2011-11-19 18:30 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 10:59 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 10:59 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 22:26 . 2012-02-03 04:16 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 22:26 . 2012-02-10 06:18 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-03-13 22:26 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 22:26 . 2012-02-10 06:17 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-13 22:26 . 2012-02-10 06:17 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-13 22:26 . 2012-02-10 05:41 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-03-13 22:26 . 2012-02-10 06:17 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-13 22:26 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-03-13 22:26 . 2012-02-10 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-13 22:26 . 2012-02-10 05:41 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-03-13 22:26 . 2012-02-10 05:41 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-13 19:38 . 2012-01-25 06:27 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 19:38 . 2012-01-25 06:20 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 19:38 . 2012-01-25 06:27 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 19:38 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 19:38 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 19:38 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 19:38 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-09 09:11 . 2012-03-09 09:11 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-09 09:11 . 2012-03-09 09:11 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-09 09:11 . 2012-03-09 09:11 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-09 09:11 . 2012-03-09 09:11 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-09 09:11 . 2012-03-09 09:11 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-09 09:11 . 2012-03-09 09:11 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-09 09:11 . 2012-03-09 09:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-09 09:11 . 2012-03-09 09:11 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-09 09:11 . 2012-03-09 09:11 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-09 09:11 . 2012-03-09 09:11 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-09 09:11 . 2012-03-09 09:11 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-09 09:11 . 2012-03-09 09:11 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-09 09:11 . 2012-03-09 09:11 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-09 09:11 . 2012-03-09 09:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-09 09:11 . 2012-03-09 09:11 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-09 09:11 . 2012-03-09 09:11 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-09 09:11 . 2012-03-09 09:11 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-09 09:11 . 2012-03-09 09:11 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-09 09:11 . 2012-03-09 09:11 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-09 09:11 . 2012-03-09 09:11 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-09 09:11 . 2012-03-09 09:11 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-09 09:11 . 2012-03-09 09:11 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-09 09:11 . 2012-03-09 09:11 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-09 09:11 . 2012-03-09 09:11 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-09 09:11 . 2012-03-09 09:11 448512 ----a-w- c:\windows\system32\html.iec
2012-03-09 09:11 . 2012-03-09 09:11 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-09 09:11 . 2012-03-09 09:11 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-09 09:11 . 2012-03-09 09:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-09 09:11 . 2012-03-09 09:11 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-09 09:11 . 2012-03-09 09:11 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-09 09:11 . 2012-03-09 09:11 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-09 09:11 . 2012-03-09 09:11 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-09 09:11 . 2012-03-09 09:11 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-09 09:11 . 2012-03-09 09:11 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-23 09:18 . 2010-08-17 10:21 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R4 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-02-12 136136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.8&q=
FF - prefs.js: browser.search.selectedEngine - Search-Results
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.search-results.com/redirect?client=ff&src=kw&tb=STC-SRS&o=41647869&locale=en_UK&apn_uid=5210A4BA-BB94-4AB5-AF4A-304DC223A1C7&apn_ptnrs=1S&apn_sauid=B299C78F-64DD-45F7-9C08-2CC38511D0FB&apn_dtid=YYYYYYYYGB&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Search-Results Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{B6315C48-F861-4913-9578-1B5FAC41EBE0} - (no file)
WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-MAX_EN_Atube Toolbar - c:\progra~2\MAX_EN~1\UNWISE.EXE
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-09 11:24:50
ComboFix-quarantined-files.txt 2012-04-09 10:24
.
Pre-Run: 189 436 084 224 bytes free
Post-Run: 188 692 000 768 bytes free
.
- - End Of File - - 70609A97E4941296C624DA00FCED1230

[Rudy]

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Firefox::
FF - ProfilePath - c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.8&q=
FF - prefs.js: browser.search.selectedEngine - Search-Results
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.search-results.com/red ... YYYYYGB&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Search-Results Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[zuza12345]

ComboFix 12-04-08.02 - meno . 04. 2012 12:03:19.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3835.2231 [GMT 1:00]
Running from: c:\users\meno\Downloads\ComboFix.exe
Command switches used :: c:\users\meno\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video\content\divx32x32.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video\content\dwp.xul
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video\content\script.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video\chrome.manifest
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video\install.rdf
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome.manifest
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\crossContextCommunication.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\dwp.xul
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\HiQLocale.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\HiQSmartUpdate.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\divx128x128.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\divx32x32.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\divx48x48.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\enabled.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-arrow_back.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enable-cap.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enable-down.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enable-hover.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enable.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-cap-square.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-close-down.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-close-hover.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-close.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-help-down.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-help-hover.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-help.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-check.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-checked.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-leftcap.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-rightcap.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-settings-down.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-settings-hover.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\images\hiq-enabled-settings.png
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\json-sans-eval.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\style.css
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\wpaCommon.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\chrome\content\wpaContentScript.js
c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa\install.rdf
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\preview.png
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome.manifest
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.js
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext\ffjcext.dtd
c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\ConduitAutoCompleteSearch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\ConduitAutoCompleteSearch.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\ConduitToolbar.idl
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\ConduitToolbar.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\ConduitToolbar.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCore.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCore.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCoreGecko19.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\alertSettingsComponent.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\appContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\engineContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\engineSettings.json
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\fbAlert.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\getAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\postAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\toolbarContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\defaults\unsharedAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\chrome\brothersoft_extreme.jar
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\lib\xpcom.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\META-INF\manifest.mf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\META-INF\zigbert.rsa
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\META-INF\zigbert.sf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\searchplugin\conduit.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\searchplugin\conduit.ico
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\searchplugin\conduit.PNG
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\searchplugin\conduit.src
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\searchplugin\conduit.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\setup.ini
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\version.txt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\extconfig.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsIYahooEventTipManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsIYahooEventTipManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsIYahooUrlProbe.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsIYahooUrlProbe.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahoo404NavAssist.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahoo404NavAssist.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooAlertManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooAlertManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooBookmarkManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooBookmarkManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooCache.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooCache.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooCNAManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooCNAManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooConfigManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooConfigManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooDomBuilder.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedFetcher.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedFetcher.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedNode.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFeedProcessor.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFileIO.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooFileIO.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooLocalButtonProcessor.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooLocalButtonProcessor.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooLocalStorage.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooLocalStorage.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooMailSingleInstance.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooMailSingleInstance.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooPluginCallBack.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooPluginCallBack.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooPluginManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooPluginManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooSearchIndexer.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooSearchIndexer.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooToolbarManager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYahooToolbarManager.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYLogFileAppender.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYLogger.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\nsYLogger.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\Lightening.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences\yahoo.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome\ytoolbar.jar
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\manifest.mf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.rsa
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF\zigbert.sf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\hpprotect.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\hpprotect.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqsearch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\ppc.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\hpprotect.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\alertSettingsComponent.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\appContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineSettings.json
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\fbAlert.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\getAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\postAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\toolbarContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\unsharedAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\manifest.mf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.rsa
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.sf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\DataStructures.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\EBEncryption.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\HTTP.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Chat.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\IO.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Log.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\MainSingleton.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\MD5.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Notifications.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ObserversAndEvents.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Prefs.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\SearchProtector.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\SearchSuggestIO.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\String.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\TEAEncryption.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Timer.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Twitter.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\URL.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\Windows.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\XML.jsm
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\setup.ini
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\version.txt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\lib\xpcom.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\engine@conduit.com\version.txt
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\defaults.js.bak
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js.bak
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome.manifest
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\bindings.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\button-bindings.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\cache.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\core.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\dynamic-button-manager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\dynamic-button.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\feeds.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\highlight-to-search.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\http-headers.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\locale.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\newtab-manager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\newtab-overlay.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\newtab.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\newtab.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\notification-popup-controller.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\notification-popup-ff3.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\notification-popup.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\notification.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\prefetch.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\update.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\updateRdf.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\abc.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\as.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ask_blue_logo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\asklogo_16x21.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\b-p.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\b.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bbc_news.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\beppe_grillo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bg.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bild.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bl-pbl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bl-pbr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\bl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\br-pbl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\br-pbr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\br.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\business.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\businessRU.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\celebrity.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\citysearch_a.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\close.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\cnn_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\corriere_della_sera.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\default.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\dropmarker.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\el_mundo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\email.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\email_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\emailplus.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\expansion.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\facebook_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\film1.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\folha.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ft.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\ftd.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\g1.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\games_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\gazzetta_dello_sport.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\history.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\hola.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\icon_radio_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\icon_vk_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\kicker.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\l.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\laposte.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\lemonde.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\lequipe.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\libero_it.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\links-ZZ.properties
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\magnify_search_grey_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\mtv.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\newsNL.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\newsRU.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\newtab.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\newtab_bkg.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\newtab_search_bkg.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\notification.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\oglobo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\orkut.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\personas.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\r.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\radiodigital.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_button.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\searchbar.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\softonic_18x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\sports.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\sportsNL.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\sportsRU.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\srlogo.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\stc.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\t-p.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\t.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\terra.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\titlebar_bg.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tl-ptl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tl-ptr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tr-ptl.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tr-ptr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tr.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tv.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\tv_movie_de.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\twitter.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\uol.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\video_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\vk.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\voici_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\weather_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\web_de.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\youtube_16x.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-24-Jun-2011-17-13-11-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-22-Oct-2011-21-50-01-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-22-Oct-2011-21-50-08-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-02-Jun-2011-19-25-49-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-22-Nov-2011-16-07-15-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-01-Jun-2011-04-16-11-GMT\ff-config.zip
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\install.rdf
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\logs\asktb-log-1333965319600.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\logs\asktb-log-1333965888201.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\logs\asktb-log-1333967197365.html
c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\extensions\toolbar@ask.com\searchplugins\search-results.xml
c:\users\meno\AppData\Roaming\TOSHIBA
c:\users\meno\AppData\Roaming\TOSHIBA\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\meno\AppData\Roaming\TOSHIBA\ReelTime\ReelTimeMonitorData.dat

[zuza12345]

.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 11:12 . 2012-04-09 11:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-09 10:15 . 2012-04-09 10:15 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5928E7E-1912-4164-97CB-6A236710A809}\offreg.dll
2012-04-09 10:09 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5928E7E-1912-4164-97CB-6A236710A809}\mpengine.dll
2012-04-08 20:46 . 2012-04-08 20:46 -------- d-----w- C:\_OTM
2012-04-08 20:22 . 2012-04-08 20:22 -------- d-----w- c:\users\meno\AppData\Roaming\Systweak
2012-04-08 20:22 . 2011-07-07 12:26 18816 ----a-w- c:\windows\system32\roboot64.exe
2012-04-08 20:22 . 2012-04-08 20:22 -------- d-----w- c:\program files (x86)\RegClean Pro
2012-04-08 19:47 . 2012-04-09 09:50 -------- d-----w- c:\program files\trend micro
2012-04-08 19:47 . 2012-04-08 19:47 -------- d-----w- C:\rsit
2012-03-24 20:24 . 2012-03-24 20:24 -------- d-----w- c:\users\meno\AppData\Roaming\SharePod
2012-03-14 10:59 . 2011-11-19 18:30 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 10:59 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 10:59 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 22:26 . 2012-02-03 04:16 3143168 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 22:26 . 2012-02-10 06:18 1541120 ----a-w- c:\windows\system32\DWrite.dll
2012-03-13 22:26 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 22:26 . 2012-02-10 06:17 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-13 22:26 . 2012-02-10 06:17 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-13 22:26 . 2012-02-10 05:41 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2012-03-13 22:26 . 2012-02-10 06:17 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-03-13 22:26 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2012-03-13 22:26 . 2012-02-10 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-13 22:26 . 2012-02-10 05:41 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2012-03-13 22:26 . 2012-02-10 05:41 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-03-13 19:38 . 2012-01-25 06:27 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 19:38 . 2012-01-25 06:20 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 19:38 . 2012-01-25 06:27 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 19:38 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 19:38 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 19:38 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 19:38 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-09 09:11 . 2012-03-09 09:11 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-09 09:11 . 2012-03-09 09:11 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-09 09:11 . 2012-03-09 09:11 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-09 09:11 . 2012-03-09 09:11 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-09 09:11 . 2012-03-09 09:11 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-09 09:11 . 2012-03-09 09:11 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-09 09:11 . 2012-03-09 09:11 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-09 09:11 . 2012-03-09 09:11 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-09 09:11 . 2012-03-09 09:11 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-09 09:11 . 2012-03-09 09:11 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-09 09:11 . 2012-03-09 09:11 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-09 09:11 . 2012-03-09 09:11 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-09 09:11 . 2012-03-09 09:11 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-09 09:11 . 2012-03-09 09:11 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-09 09:11 . 2012-03-09 09:11 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-09 09:11 . 2012-03-09 09:11 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-09 09:11 . 2012-03-09 09:11 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-09 09:11 . 2012-03-09 09:11 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-09 09:11 . 2012-03-09 09:11 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-09 09:11 . 2012-03-09 09:11 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-09 09:11 . 2012-03-09 09:11 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-09 09:11 . 2012-03-09 09:11 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-09 09:11 . 2012-03-09 09:11 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-09 09:11 . 2012-03-09 09:11 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-09 09:11 . 2012-03-09 09:11 448512 ----a-w- c:\windows\system32\html.iec
2012-03-09 09:11 . 2012-03-09 09:11 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-09 09:11 . 2012-03-09 09:11 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-09 09:11 . 2012-03-09 09:11 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-09 09:11 . 2012-03-09 09:11 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-09 09:11 . 2012-03-09 09:11 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-09 09:11 . 2012-03-09 09:11 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-09 09:11 . 2012-03-09 09:11 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-09 09:11 . 2012-03-09 09:11 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-09 09:11 . 2012-03-09 09:11 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-23 09:18 . 2010-08-17 10:21 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
R4 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-02-11 1050072]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-10 520760]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-02-12 136136]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\meno\AppData\Roaming\Mozilla\Firefox\Profiles\gvx2o1tt.default\
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{B6315C48-F861-4913-9578-1B5FAC41EBE0} - (no file)
WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Completion time: 2012-04-09 12:15:21
ComboFix-quarantined-files.txt 2012-04-09 11:15
ComboFix2.txt 2012-04-09 10:24
.
Pre-Run: 188 793 679 872 bytes free
Post-Run: 188 494 209 024 bytes free
.
- - End Of File - - FE3E4C939EE456E1A9E773A24D2A80C4


Mohla by som sa este opytat, aky antivirus si mam nainstalovat ? Eset som vcera vymazala a zostal mi len Avast.
Teraz je uz pocitac v poriadku ? Uz idem v normalnom rezime, tak zatial krasne dakujem !

[Rudy]

Log již vypadá čistý. Spusťte znovu OTM a klikněte na Cleanup. OTM po sobě uklidí. CF odinstalujte Start>spustit>(napsat) combofix /uninstall>Enter. Avast je vcelku slušný free antivir, můžete si ho ponechat. Eset je pouze zkušební kopie (tedy v případě, že jste za něj neplatila) na 30dní