Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-12-2013
Ran by Himalaya (administrator) on IBM on 09-12-2013 23:55:16
Running from C:\Documents and Settings\Himalaya\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
(Lenovo.) C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(OptionNV) C:\WINDOWS\system32\Gtdetectsc.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Nikon Corporation) C:\Program Files\Nikon\Wireless Connecting Utility\NkPtpEnum.exe
(Nikon Corporation) C:\Program Files\Nikon\Wireless Transmitter Utility\NkVBus\NkPtpEnum.exe
(Nalpeiron Ltd.) C:\WINDOWS\system32\nlssrv32.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
() C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
() C:\WINDOWS\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Photodex\ProShowProducer\scsiaccess.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Tablet.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
() C:\WINDOWS\system32\TpKmpSvc.exe
(IBM) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
() C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
() C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
() C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\WINDOWS\system32\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Lenovo Group Ltd.) C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
(Lenovo.) C:\WINDOWS\system32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Lenovo Group Limited) C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Sonix) C:\WINDOWS\vsnp2std.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
(Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Akamai\netsession_win.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Microsoft Corporation) C:\WINDOWS\system32\WISPTIS.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
() C:\tpfancontrol\fancontrol.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PWRMGRTR] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [BLOG] - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
HKLM\...\Run: [SynTPLpr] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [134896 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [EZEJMNAP] - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [256576 2009-12-01] (Lenovo Group Ltd.)
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [342312 2013-10-28] (Lenovo.)
HKLM\...\Run: [TP4EX] - C:\WINDOWS\system32\TP4EX.exe [65536 2005-10-17] (Lenovo Group Limited)
HKLM\...\Run: [SoundMAX] - C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [716800 2005-05-06] (Analog Devices, Inc.)
HKLM\...\Run: [LPManager] - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [185688 2009-07-23] (Lenovo Group Limited)
HKLM\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKLM\...\Run: [ISUSScheduler] - "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
HKLM\...\Run: [AwaySch] - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2010-05-06] (Symantec Corporation)
HKLM\...\Run: [NBKeyScan] - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM\...\Run: [LPMailChecker] - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [124248 2009-07-23] (Lenovo Group Limited)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [925696 2005-05-20] (Analog Devices, Inc.)
HKLM\...\Run: [snp2std] - C:\WINDOWS\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [TPFNF7] - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [62312 2010-03-26] (Lenovo Group Limited)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe [624056 2011-08-30] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2007-10-30] (Acronis)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\WINDOWS\KHALMNPR.Exe [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [EPSON PictureMate 500] - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9TE.EXE [98304 2004-10-17] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [NBHGui] - "C:\Program Files\Nero\Nero 9\InCD\NBHGui.exe"
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-09-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMSG] - C:\Program Files\ThinkVantage\AMSG\Amsg.exe [436800 2009-09-03] (LENOVO)
HKLM\...\Run: [LENOVO.TPFNF6R] - C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [LenovoAutoScrollUtility] - C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [43960 2010-04-01] (Lenovo Group Limited)
HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1407248 2011-06-22] (Intel(R) Corporation)
HKLM\...\Run: [TVT Scheduler Proxy] - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-05-14] (Lenovo Group Limited)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295072 2012-12-25] (RealNetworks, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2379504 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [TPKMAPHELPER] - C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [868352 2007-01-09] (Lenovo)
HKLM\...\Run: [TPHOTKEY] - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68976 2008-09-30] (Lenovo Group Limited)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\AwayNotify: C:\Program Files\Lenovo\AwayTask\AwayNotify.dll (Lenovo Group Limited)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
Winlogon\Notify\tpfnf2: C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
Winlogon\Notify\tphotkey: C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [204288 2006-10-18] (Microsoft Corporation)
HKCU\...\Run: [TPKMAPMN] - C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe [49152 2007-09-21] ()
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2011-06-03] (Google Inc.)
MountPoints2: {1d532a94-6c8a-11e2-98c2-005056c00008} - E:\AutoRun.exe
MountPoints2: {3a22e5f8-8158-11df-9816-0018de9d29e2} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {41157d1e-f945-11e1-b331-005056c00008} - E:\HTC_Sync_Manager_PC.exe
MountPoints2: {41157d22-f945-11e1-b331-005056c00008} - E:\HTC_Sync_Manager_PC.exe
MountPoints2: {4ee2e3b7-2e1b-11e1-a4cc-005056c00008} - E:\AutoRun.exe
MountPoints2: {4ee2e3ba-2e1b-11e1-a4cc-005056c00008} - E:\AutoRun.exe
MountPoints2: {4ee2e3bc-2e1b-11e1-a4cc-005056c00008} - E:\AutoRun.exe
MountPoints2: {5d06abb4-a466-11de-963a-0018de9d29e2} - E:\Launcher.exe
MountPoints2: {645b9789-c044-11df-bfd1-0018de9d29e2} - E:\Launcher.exe
MountPoints2: {6c25ecd6-839a-11df-981e-0018de9d29e2} - E:\AutoRun.exe
MountPoints2: {6c25ecd7-839a-11df-981e-0018de9d29e2} - E:\AutoRun.exe
MountPoints2: {7afdf126-0824-11e2-b354-005056c00008} - I:\AutoRun.exe
MountPoints2: {7afdf12a-0824-11e2-b354-005056c00008} - E:\AutoRun.exe
MountPoints2: {86bf96b4-4da1-11e2-b3f0-005056c00008} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {86f83eb1-6473-11e2-98ab-005056c00008} - E:\AutoRun.exe
MountPoints2: {a39b60be-08fb-11e2-b356-005056c00008} - E:\AutoRun.exe
MountPoints2: {bd603406-55e9-11df-97de-0018de9d29e2} - E:\LaunchU3.exe -a
MountPoints2: {d18947a2-3654-11de-94de-0018de9d29e2} - E:\AutoRun.exe
MountPoints2: {d18947a6-3654-11de-94de-0018de9d29e2} - E:\AutoRun.exe
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe"
Lsa: [Authentication Packages] msv1_0 relog_ap
Lsa: [Notification Packages] scecli ACGina psqlpwd ACGina ACGina
BootExecute: autocheck PDBoot.exeautocheck PDBoot.exeautocheck pdboot.exeautocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: ALLPassword Manager - {4C7FFB7A-EEA6-43A5-8D02-6DBD648FFB05} - C:\Program Files\ALLPassword Manager\ALLPasswordManager.dll (MarBit)
BHO: YouTube To ALLPlayer - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLPlayer\YouTubeToALLPlayer.dll (ALLPlayer.org)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Himalaya\Application Data\Nowe Gadu-Gadu\_userdata\ggbho.1.dll No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 10 C:\Program Files\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 11 C:\Program Files\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_38 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.97 - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: @photodex.com/PhotodexPresenter - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Polski slownik poprawnej pisowni - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\pl@dictionaries.addons.mozilla.org
FF Extension: No Name - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\staged
FF Extension: No Name - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\trash
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: EPUBReader - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
FF Extension: No Name - C:\Documents and Settings\Himalaya\Application Data\Mozilla\Firefox\Profiles\3mfoni5m.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0

Chrome:
=======
CHR HomePage: hxxp://www.marekneumann.co.uk/
CHR RestoreOnStartup: "chrome://apps/", "chrome://apps/", "chrome://apps/"
CHR DefaultSearchKeyword: google.co.uk
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Internet Download Manager Plugin) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\IDMGCExt.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Documents and Settings\Himalaya\Application Data\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (RealPlayer Version Plugin) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (getPlusPlus for Adobe 16297) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Google Update) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U38) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.380.5) - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Extension: (Floorplanner) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag\13_0
CHR Extension: (Learn German - Wie Geht's) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aglfgpioobpcmdheljepehachdjeopad\1.46_0
CHR Extension: (DictaNote - Speech Recognizer) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk\7_0
CHR Extension: (TV) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0
CHR Extension: (Radio Italy - Radio Italia) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhnaahdkfcggkalikdncbadinkkbhaej\2.2_0
CHR Extension: (Radio UK) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blmkagpegbacdkfenpgimgihkcplmpdh\2.2_0
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.12_0
CHR Extension: (Spark Chess) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bopmffjdimfgeonfmgjeclolhjlpnjme\13.8260.1500_0
CHR Extension: (http://www.sky-map.org/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bpfkkjpbjmdniilbpddllmkjppjgcebf\2013.9.24.42640_0
CHR Extension: (Animoto Videos) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cambaldalpopjjmpfogbpikpbhembepl\2.2_0
CHR Extension: (http://www.ustream.tv/new/search?q=iss) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cicigjpchjknfgfncfnjilmdbnkhgbde\2013.5.10.33389_0
CHR Extension: (Google Search) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Learn Italian - Molto Bene) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dadgddaepklpemjojmnhgdjmmkmefihe\1.46_0
CHR Extension: (http://flightaware.com/live/airport/EGLL) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbhdgobfchbhpnfmooichmdjiabijehb\2013.6.8.62766_0
CHR Extension: (http://tunein.com/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dblgfaikinhoidnoieheigjobmlkhcjc\2013.8.21.30564_0
CHR Extension: (AutoCAD 360) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln\2.0_0
CHR Extension: (Read Later Fast) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0
CHR Extension: (http://www.shatters.net/celestia/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djmjldfeaemhfjbfkaglepppijmklmck\2013.9.24.44179_0
CHR Extension: (Dictionary) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dppjkecblddfabhinagflbhecjkkhekm\1.0.9_0
CHR Extension: (http://www.nature.com/nature/index.html) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ebhgicklkopofohiigdnendhmfjjhjhn\2013.1.9.59462_0
CHR Extension: (http://www.sciencemag.org/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ebjllpeabedifjonfligjfbnponikoin\2013.1.9.59457_0
CHR Extension: (OnCentre) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eflghfnienbepmdnkpmfmjnplpgjpcfa\1.2_0
CHR Extension: (Pixlr-o-matic) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0
CHR Extension: (OrganizeMe!) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fepmgenffldpcaolcmmjnmdjeaabajlg\2.1.1_0
CHR Extension: (Full Screen Weather) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0
CHR Extension: (Watch TV Online - Clickplayer.tv) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flmfboagenlcnkidkjodenlgihdbkipj\6.3_0
CHR Extension: (Google Play Movies) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb\2.4_0
CHR Extension: (The QR Code Generator) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb\0.2.4_0
CHR Extension: (Notty Notes) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ggbmjahbkbhakkfgjiggdclpmmpmhajn\1.5_0
CHR Extension: (Translator by Dictionary.com) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\glacllipodbjfijgkcdifnlhmoddlkon\1.6_0
CHR Extension: (http://oognet.pl/content/details/683) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbhpmokkcagihphneknbghalidnafjak\2013.1.19.28873_0
CHR Extension: (VoiceNote - speech to text.) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0
CHR Extension: (Gantter for Google Drive) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo\4.0.1_0
CHR Extension: (Watch Tv Now) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hmjgabimfgiklbhjcgpedhgfoachphmo\1.1.0_0
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0
CHR Extension: (http://www.fashiontv.com/live) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ibklpphkpgocjlpfpmlanepbbinbkgbo\2013.10.17.36584_0
CHR Extension: (RealDownloader) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (http://www.youtube.com/user/GoogleBusinessPho) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ifjgphddigdeeojhlnllglllckgpaabb\2012.9.13.42029_0
CHR Extension: (http://www.marekneumann.co.uk/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iflnhgaklgmjjmkhbiknholhageagdko\2012.9.1.56189_0
CHR Extension: (WeatherBug (Legacy App)) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\2.0.7_0
CHR Extension: (https://play.google.com/store?pcampaignid=MKT) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jebmgjodjjbffkeffkflglconbmhcgga\2013.9.11.37045_0
CHR Extension: (Digital Photo Gallery) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jefgmnencamogchjibmjbikfjhkkbgkh\0.9.8.4_0
CHR Extension: (http://www.bbc.co.uk/travelnews/london/traffi) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jkchaijpkanklgnjdcehmbdgkpbnhahm\2013.1.18.38026_0
CHR Extension: (Page Ruler) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn\2.0.0_0
CHR Extension: (IDM Integration) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.12.2_0
CHR Extension: (Autodesk Homestyler) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0
CHR Extension: (ZeroPC Cloud) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kgkinkhhmalgmcpcjlohfoencnigfngl\2.2.1_0
CHR Extension: (NASA TV - ISS) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kkecoihdfgepbbmpfghpgmcnnebnnnhd\2.2_0
CHR Extension: (Google Play) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0
CHR Extension: (nexos) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ldobachjdepakfoignnoflcnpbkenicc\1.5.4_0
CHR Extension: (http://www.google.pl/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ljjakacbnnmfikogkcecdmkgkhhffchp\2012.9.1.56079_0
CHR Extension: (http://www.bbc.co.uk/iplayer/tv/categories/fi) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lmgecpohfheikpcllomlnpmfjegkgejn\2013.1.25.44599_0
CHR Extension: (http://fashiontube.com/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkkbgglcehgohnlabdbdfkdojljnolb\2013.4.5.2682_0
CHR Extension: (https://s3.amazonaws.com/Gigapans/EBC_Pumori_) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpgogejakgmjnojaigkepfpljepfcihm\2013.1.24.60285_0
CHR Extension: (Google Dictionary (by Google)) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0
CHR Extension: (maporado world atlas) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfaedkdkfhajpdappjkbgmecfpcaooe\1.0.1_0
CHR Extension: (http://goo.gl/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\midhbgnkikbleccbojgicggkohllcgig\2012.11.27.39227_0
CHR Extension: (Radio Germany - Radiosender Deutschland) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\miggmfcpbihiloggfnldnohiakmkmpne\2.2_0
CHR Extension: (Quick Note) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.6.0_0
CHR Extension: (ruul. Screen ruler) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlbnpnlmfngmlcmkhjpbfokdphfehhjj\6.1.1_0
CHR Extension: (http://www.isstracker.com/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mmaokiccmogmdhbggggnbddahkcgegep\2013.2.25.54844_0
CHR Extension: (My Time Organizer) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm\1.0.3_0
CHR Extension: (Learn English TV) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nbjdodpplnmhieebbldcfobmjbaddnci\4.9.5_0
CHR Extension: (http://www.neumann360.co.uk/) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nffhhbnpijompggpeihnicgacdhbmida\2012.9.13.42049_0
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (https://groups.google.com/forum/#!category-to) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\obbpjnmlimnipjhoilggoaiaklacjfke\2012.8.24.46615_0
CHR Extension: (Instagram Tools) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocfjbphcdlgkpgndbelpaiehbifgidpm\1.0.1.5_0
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\3.3.3_0
CHR Extension: (Photoshop TV) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\okpkhfmfgmepjmhokkfjahkgecmcgpdn\4.9.2_0
CHR Extension: (SlideRocket) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\omeengfjefdmhnkojnfmncpfdbhnecea\2.0.2_0
CHR Extension: (https://docs.google.com/file/d/0B3jwoDlb_Sg5W) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pcocmfbiekmeoekhhiojmejbobemafda\2012.8.24.46612_0
CHR Extension: (GlobalEnglish LinGo) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgmbelkpihjilddedehgojhbplplapnk\1.9.3.1_0
CHR Extension: (World Clocks) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\4.9_0
CHR Extension: (Google Reader) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0
CHR Extension: (Gmail) - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Himalaya\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-10-30] (Acronis)
R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [39528 2011-09-16] (ArcSoft Inc.)
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
S4 APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [176193 2005-12-12] (American Power Conversion Corporation)
S4 ATMsrvc; C:\Windows\System32\ATMsrvc.exe [15360 2000-05-24] (Adobe Systems Incorporated)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-05-06] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-05-06] (Symantec Corporation)
R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2162512 2011-09-12] (Diskeeper Corporation)
S3 Droppix Service; C:\Program Files\Common Files\Droppix\DxService.exe [151552 2008-02-01] (Droppix)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 gtdetectsc; C:\WINDOWS\system32\gtdetectsc.exe [122880 2006-09-28] (OptionNV)
S4 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-12-12] (Nero AG)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 IPSSVC; C:\Windows\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-02-17] (Symantec Corporation)
R2 NkPtpEnum; C:\Program Files\Nikon\Wireless Connecting Utility\NkPtpip.dll [71168 2004-12-13] (Nikon Corporation)
R2 NkPtpEnumWT3; C:\Program Files\Nikon\Wireless Transmitter Utility\NkVBus\NkPtpip.dll [76288 2012-02-20] (Nikon Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S4 Paragon System Backup Service; C:\Program Files\Paragon Software\System Backup 2010\program\dbhservice.exe [109072 2010-01-11] (Paragon Software Group)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [1359224 2012-05-24] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2129272 2012-05-24] (Raxco Software, Inc.)
S4 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [246112 2012-09-26] ()
R2 Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [1645568 2013-01-11] ()
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1663272 2013-01-11] (Lenovo Group Limited)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [882960 2011-06-22] (Intel(R) Corporation)
S4 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009\RpcAgentSrv.exe [98488 2008-09-01] (SiSoftware)
R2 ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [186760 2011-09-28] ()
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1831928 2009-11-09] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [357704 2010-07-01] (Symantec Corporation)
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 SUService; c:\program files\lenovo\system update\suservice.exe [28672 2013-07-10] (Lenovo Group Limited)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1775344 2009-11-10] (Symantec Corporation)
R2 TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [4463400 2009-11-24] (Wacom Technology, Corp.)
S4 TPFanControl; C:\tpfancontrol\fancontrol.exe [154112 2008-01-11] ()
R2 TpKmpSVC; C:\WINDOWS\system32\TpKmpSVC.exe [32768 2006-06-29] ()
S4 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [492720 2007-10-30] ()
R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [722232 2007-08-03] (IBM)
R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [520192 2008-05-14] ()
S4 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1155072 2008-08-20] (Lenovo Group Limited)
S4 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [113264 2011-03-25] (VMware, Inc.)
S4 VMnetDHCP; C:\WINDOWS\system32\vmnetdhcp.exe [334448 2011-03-25] (VMware, Inc.)
S4 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [539248 2011-03-25] (VMware, Inc.)
S4 VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [404080 2011-03-25] (VMware, Inc.)
S3 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [370960 2011-06-22] (Intel(R) Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
S3 PsaSrv; C:\WINDOWS\system32\PsaSrv.exe [x]
S3 UBKZGGXENAA; C:\DOCUME~1\Himalaya\LOCALS~1\Temp\UBKZGGXENAA.exe [x]
S4 ufad-ws60; "C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files\VMware\VMware Workstation\\" -s ufad-p2v.xml

==================== Drivers (Whitelisted) ====================

S4 abp480n5; C:\Windows\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R3 AEAudioService; C:\Windows\System32\drivers\AEAudio.sys [93952 2006-08-07] (Andrea Electronics Corporation)
R1 ANC; C:\Windows\System32\drivers\ANC.SYS [11520 2012-09-07] (IBM Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R3 atmeltpm; C:\Windows\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.)
S3 BSWinDvr; C:\Program Files\ThinkPad\BiosSettingsWindows\BSWinDvr.sys [8192 2011-07-11] (Lenovo)
S3 btaudio; C:\Windows\System32\drivers\btaudio.sys [534568 2009-02-16] (Broadcom Corporation.)
R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37160 2009-02-16] (Broadcom Corporation.)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [991784 2009-02-16] (Broadcom Corporation.)
S3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156816 2009-02-16] (Broadcom Corporation.)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [47272 2009-02-16] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [138768 2011-12-02] (Raxco Software, Inc.)
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [38608 2011-02-14] (Diskeeper Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-20] (Symantec Corporation)
S3 FNETTBOH; C:\Windows\System32\drivers\FNETTBOH.SYS [23680 2009-05-12] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [7936 2009-05-12] (FNet Co., Ltd.)
R2 hcmon; C:\WINDOWS\system32\drivers\hcmon.sys [32368 2011-03-25] (VMware, Inc.)
R0 hotcore3; C:\Windows\System32\drivers\hotcore3.sys [40560 2010-09-15] (Paragon Software Group)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
S3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [217016 2010-06-02] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [993464 2010-06-02] (Conexant Systems, Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2012-09-26] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [66688 2012-09-26] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-09-26] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [65152 2006-06-27] (QUALCOMM Incorporated)
R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2012-09-07] ()
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
S3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [42752 2009-05-08] (Motorola Inc)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation)
R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20131209.001\NAVENG.SYS [93272 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20131209.001\NAVEX15.SYS [1612376 2013-08-22] (Symantec Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw3x32; C:\Windows\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
S3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2236544 2007-11-26] (Intel Corporation)
S3 NETw5x32; C:\Windows\System32\DRIVERS\NETw5x32.sys [5977216 2009-09-15] (Intel Corporation)
R3 NETwLx32; C:\Windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 NinjaUSB; C:\Windows\System32\drivers\NinjaUSB.sys [24704 2010-09-06] ()
R3 odysseyIM4; C:\Windows\System32\DRIVERS\odysseyIM4.sys [173056 2005-06-10] (Funk Software, Inc.)
R3 PCASp50; C:\Windows\System32\drivers\PCASp50.sys [27072 2007-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
R2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2012-05-10] (Raxco Software, Inc.)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2008-09-20] (Microsoft Corporation)
R1 PQNTDrv; C:\Windows\System32\Drivers\PQNTDrv.sys [4228 2003-03-14] (PowerQuest Corporation)
R2 PROCDD; C:\Windows\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009\WNt500x86\Sandra.sys [21920 2008-07-29] (SiSoftware)
R1 Smapint; C:\Windows\System32\drivers\Smapint.sys [14848 2006-10-02] (Microsoft Corporation)
R3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12039680 2007-06-14] ()
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2009-12-18] (Symantec Corporation)
S3 Spyder3; C:\Windows\System32\DRIVERS\Spyder3.sys [12288 2008-09-08] ()
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [283184 2010-03-08] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320944 2010-03-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2010-03-08] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [125488 2011-12-23] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2009-09-03] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2009-09-03] (Symantec Corporation)
R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368544 2008-10-02] (Acronis)
R1 TDSMAPI; C:\Windows\System32\drivers\TDSMAPI.SYS [9343 2006-10-02] ()
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [67472 2009-12-28] (Symantec Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2008-10-02] (Acronis)
R1 TPHKDRV; C:\Windows\System32\DRIVERS\TPHKDRV.sys [17844 2008-05-12] (Lenovo Group Limited)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwrif.sys [13936 2013-01-11] (Lenovo Group Limited)
R1 TSMAPIP; C:\Windows\System32\drivers\TSMAPIP.SYS [4608 2010-03-26] ()
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [32352 2007-03-29] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [131456 2007-03-29] (Paragon)
R3 VBus; C:\Windows\System32\DRIVERS\NkVBus.sys [17344 2012-02-20] (Nikon Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation)
R3 vmkbd; C:\WINDOWS\system32\drivers\VMkbd.sys [24688 2011-03-25] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16560 2011-03-25] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [32752 2011-03-25] (VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\drivers\vmnetuserif.sys [26352 2011-03-25] (VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\Drivers\vmx86.sys [854256 2011-03-25] (VMware, Inc.)
R2 vstor2-ws60; C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [22448 2010-08-19] (VMware, Inc.)
R1 WPS; C:\WINDOWS\system32\drivers\wpsdrvnt.sys [42312 2009-11-09] (Symantec Corporation)
S3 WpsHelper; C:\WINDOWS\system32\drivers\WpsHelper.sys [174056 2012-11-06] (Symantec Corporation)
S3 cpu; \??\C:\cpu.sys [x]
S2 cpudriver; \??\C:\Program Files\Temporary\cpu.sys [x]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [x]
S2 P1C1394; \SystemRoot\System32\Drivers\p1c1394.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSBXP.SYS [49408 2012-09-11] (Seiko Epson Corporation)
S3 TVTPktFilter; system32\DRIVERS\tvtpktfilter.sys [x]
S4 vsdatant; a [x]
S3 xp; \??\C:\Documents and Settings\Himalaya\xp.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-09 23:55 - 2013-12-09 23:56 - 00064523 _____ C:\Documents and Settings\Himalaya\Desktop\FRST.txt
2013-12-09 23:54 - 2013-12-09 23:54 - 00000000 ____D C:\FRST
2013-12-09 23:40 - 2013-12-09 23:41 - 01060641 _____ (Farbar) C:\Documents and Settings\Himalaya\Desktop\FRST.exe
2013-12-09 23:36 - 2013-12-09 23:36 - 86406400 _____ C:\Documents and Settings\Himalaya\Desktop\Alien Skin Exposure 5.0.0.703 Revision 24363 WIN.rar.crdownload
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ____D C:\n
2013-12-09 23:13 - 2013-12-09 23:13 - 00000000 ____D C:\Program Files\PhotomatixPro5
2013-12-09 22:35 - 2013-12-09 22:37 - 00003640 _____ C:\WINDOWS\system32\ICAutoUpdate.log
2013-12-09 12:06 - 2013-12-09 12:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$
2013-12-09 12:02 - 2013-12-09 12:06 - 00007948 _____ C:\WINDOWS\KB2808679.log
2013-12-09 10:12 - 2013-12-09 10:12 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Equalizer
2013-12-07 13:28 - 2013-12-09 22:08 - 00039250 _____ C:\WINDOWS\setupapi.log
2013-12-07 13:26 - 2013-12-07 13:26 - 00008820 _____ C:\WINDOWS\KB2900986.log
2013-12-07 13:26 - 2013-12-07 13:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-12-07 13:26 - 2013-12-07 13:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-12-07 13:25 - 2013-12-07 13:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-12-07 13:24 - 2013-12-07 13:24 - 00010972 _____ C:\WINDOWS\KB2888505-IE8.log
2013-12-07 13:24 - 2013-12-07 13:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-12-07 12:58 - 2013-12-07 13:26 - 00014415 _____ C:\WINDOWS\KB2868626.log
2013-12-07 12:58 - 2013-12-07 13:25 - 00013395 _____ C:\WINDOWS\KB2862152.log
2013-12-07 12:58 - 2013-12-07 13:24 - 00012921 _____ C:\WINDOWS\KB2876331.log
2013-12-06 13:27 - 2013-12-06 13:27 - 00000629 _____ C:\Documents and Settings\Himalaya\Desktop\22.BB(06.12.13).lnk
2013-12-06 13:26 - 2013-12-06 13:27 - 00000000 ____D C:\Documents and Settings\Himalaya\Desktop\ExifCleaner 1.8
2013-12-06 13:26 - 2013-10-18 10:34 - 00002126 _____ C:\Documents and Settings\Himalaya\Desktop\+++ jak.txt
2013-12-06 13:26 - 2011-10-04 15:48 - 04325376 _____ (SuperUtils.com) C:\Documents and Settings\Himalaya\Desktop\ExifCleaner.exe
2013-12-06 13:26 - 2009-10-19 23:09 - 00000778 _____ C:\Documents and Settings\Himalaya\Desktop\Picasa 3.lnk
2013-12-04 11:17 - 2012-04-17 01:40 - 00001063 _____ C:\Documents and Settings\Himalaya\Desktop\My Screen Recorder Pro 3.3.lnk
2013-11-29 13:01 - 2012-09-06 14:47 - 00000259 ____C C:\Documents and Settings\Himalaya\Desktop\+++ ! ! ! Google Business Photos in New York City, New York, New Jersey, and Long Island. Market your business online..url
2013-11-25 10:51 - 2013-11-25 11:07 - 00000000 ____D C:\Documents and Settings\Himalaya\Application Data\Download Manager
2013-11-23 19:21 - 2013-11-23 19:21 - 00000598 _____ C:\Documents and Settings\Himalaya\Desktop\abc.lnk
2013-11-22 09:24 - 2013-11-22 09:24 - 00118784 _____ C:\WINDOWS\Minidump\Mini112213-01.dmp
2013-11-11 20:31 - 2013-11-11 20:31 - 00000975 _____ C:\Documents and Settings\Himalaya\Desktop\ReKlamA !!!.lnk

==================== One Month Modified Files and Folders =======

2013-12-09 23:56 - 2013-12-09 23:55 - 00064523 _____ C:\Documents and Settings\Himalaya\Desktop\FRST.txt
2013-12-09 23:54 - 2013-12-09 23:54 - 00000000 ____D C:\FRST
2013-12-09 23:41 - 2013-12-09 23:40 - 01060641 _____ (Farbar) C:\Documents and Settings\Himalaya\Desktop\FRST.exe
2013-12-09 23:36 - 2013-12-09 23:36 - 86406400 _____ C:\Documents and Settings\Himalaya\Desktop\Alien Skin Exposure 5.0.0.703 Revision 24363 WIN.rar.crdownload
2013-12-09 23:35 - 2010-10-20 16:23 - 00000990 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-794415514-3291536716-1455428651-1005UA.job
2013-12-09 23:20 - 2012-04-05 09:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-09 23:20 - 2006-04-30 00:07 - 00000254 _____ C:\WINDOWS\wiadebug.log
2013-12-09 23:19 - 2013-12-09 23:19 - 00000000 ____D C:\n
2013-12-09 23:15 - 2008-09-20 16:50 - 00000000 ____D C:\Documents and Settings\Himalaya
2013-12-09 23:14 - 2008-09-28 17:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PhotomatixPro3+4+5
2013-12-09 23:13 - 2013-12-09 23:13 - 00000000 ____D C:\Program Files\PhotomatixPro5
2013-12-09 22:53 - 2008-10-06 15:21 - 00000114 _____ C:\WINDOWS\Ydpdict.INI
2013-12-09 22:37 - 2013-12-09 22:35 - 00003640 _____ C:\WINDOWS\system32\ICAutoUpdate.log
2013-12-09 22:10 - 2012-03-21 16:13 - 00000470 _____ C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
2013-12-09 22:09 - 2013-01-21 11:14 - 00000306 _____ 
C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-09 22:09 - 2012-12-25 14:48 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-09 22:09 - 2011-09-19 19:55 - 00000000 ____D C:\Documents and Settings\Himalaya\Application Data\WTablet 2013-12-09 22:09 - 2010-11-26 23:49 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-09 22:09 - 2008-09-20 07:57 - 00000306 _____ C:\WINDOWS\Tasks\PMTask.job 2013-12-09 22:08 - 2013-12-07 13:28 - 00039250 _____ C:\WINDOWS\setupapi.log 2013-12-09 22:08 - 2012-12-25 14:47 - 00000280 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-18.job 2013-12-09 22:07 - 2006-08-17 08:00 - 00025268 _____ C:\WINDOWS\system32\PROCDB.INI 2013-12-09 22:07 - 2006-04-30 07:11 - 01380382 _____ C:\WINDOWS\WindowsUpdate.log 2013-12-09 22:06 - 2006-08-17 08:00 - 00000380 _____ C:\WINDOWS\system32\IPSCtrl.INI 2013-12-09 22:06 - 2006-04-30 07:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-12-09 22:06 - 2006-04-30 00:07 - 00000049 _____ C:\WINDOWS\wiaservc.log 2013-12-09 22:05 - 2012-02-28 19:03 - 00004680 _____ C:\WINDOWS\system32\ICAutoUpdate.log.bak 2013-12-09 17:33 - 2013-10-13 14:36 - 02368680 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2013-12-09 17:33 - 2008-09-20 16:50 - 00000278 ___SH C:\Documents and Settings\Himalaya\ntuser.ini 2013-12-09 17:33 - 2006-04-30 07:20 - 00032416 _____ C:\WINDOWS\SchedLgU.Txt 2013-12-09 14:21 - 2006-04-30 00:25 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-12-09 12:08 - 2012-08-15 09:24 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk 2013-12-09 12:06 - 2013-12-09 12:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$ 2013-12-09 12:06 - 2013-12-09 12:02 - 00007948 _____ C:\WINDOWS\KB2808679.log 2013-12-09 12:06 - 2006-04-30 
00:04 - 02614617 _____ C:\WINDOWS\FaxSetup.log 2013-12-09 12:06 - 2006-04-30 00:04 - 01278189 _____ C:\WINDOWS\ocgen.log 2013-12-09 12:06 - 2006-04-30 00:04 - 01205182 _____ C:\WINDOWS\tsoc.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00978600 _____ C:\WINDOWS\iis6.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00851273 _____ C:\WINDOWS\comsetup.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00818220 _____ C:\WINDOWS\msmqinst.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00517380 _____ C:\WINDOWS\ntdtcsetup.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00456735 _____ C:\WINDOWS\netfxocm.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00181497 _____ C:\WINDOWS\MedCtrOC.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00140286 _____ C:\WINDOWS\ocmsn.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00131035 _____ C:\WINDOWS\msgsocm.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00130826 _____ C:\WINDOWS\tabletoc.log 2013-12-09 12:06 - 2006-04-30 00:04 - 00001374 _____ C:\WINDOWS\imsins.log 2013-12-09 12:05 - 2006-04-30 00:04 - 00638214 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-12-09 11:59 - 2006-04-30 06:56 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2013-12-09 10:25 - 2008-09-25 08:33 - 00000000 ____D C:\Program Files\Nikon 2013-12-09 10:22 - 2012-09-21 12:38 - 00000000 ____D C:\Documents and Settings\Himalaya\Local Settings\Application Data\Akamai 2013-12-09 10:22 - 2008-09-25 08:32 - 00000020 ____H C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT 2013-12-09 10:21 - 2010-08-31 16:25 - 00000020 ____H C:\Documents and Settings\All Users\Application Data\PKP_DLet.DAT 2013-12-09 10:21 - 2008-09-25 08:35 - 00000841 _____ C:\Documents and Settings\All Users\Desktop\Capture NX 2.lnk 2013-12-09 10:15 - 2008-09-28 16:20 - 00000000 ____D C:\Documents and Settings\Himalaya\Local Settings\Application Data\Downloaded Installations 2013-12-09 10:13 - 2011-12-23 22:57 - 00001801 _____ C:\Documents and Settings\All Users\Desktop\ViewNX 2.lnk 2013-12-09 10:12 - 2013-12-09 10:12 - 00000000 ____D 
C:\Documents and Settings\All Users\Application Data\Equalizer 2013-12-09 10:12 - 2012-08-15 10:29 - 00000268 ___RH C:\Documents and Settings\Himalaya\Application Data\Tables 2013-12-09 10:12 - 2012-08-15 10:29 - 00000020 ____H C:\Documents and Settings\All Users\Application Data\PKP_DLeo.DAT 2013-12-08 23:06 - 2008-09-30 17:10 - 00011478 ___SH C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2013-12-08 12:20 - 2012-12-25 14:48 - 00000292 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-07 13:26 - 2013-12-07 13:26 - 00008820 _____ C:\WINDOWS\KB2900986.log 2013-12-07 13:26 - 2013-12-07 13:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2013-12-07 13:26 - 2013-12-07 13:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$ 2013-12-07 13:26 - 2013-12-07 12:58 - 00014415 _____ C:\WINDOWS\KB2868626.log 2013-12-07 13:26 - 2006-04-30 07:26 - 00345809 _____ C:\WINDOWS\updspapi.log 2013-12-07 13:26 - 2006-04-30 00:04 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-12-07 13:25 - 2013-12-07 13:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$ 2013-12-07 13:25 - 2013-12-07 12:58 - 00013395 _____ C:\WINDOWS\KB2862152.log 2013-12-07 13:24 - 2013-12-07 13:24 - 00010972 _____ C:\WINDOWS\KB2888505-IE8.log 2013-12-07 13:24 - 2013-12-07 13:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$ 2013-12-07 13:24 - 2013-12-07 12:58 - 00012921 _____ C:\WINDOWS\KB2876331.log 2013-12-07 13:24 - 2009-04-30 16:49 - 00000000 ____D C:\WINDOWS\ie8updates 2013-12-07 13:23 - 2013-08-29 18:28 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-12-07 13:07 - 2008-09-21 17:43 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-12-07 12:49 - 2013-08-29 17:49 - 01390522 _____ C:\WINDOWS\setupapi.log.0.old 2013-12-07 12:47 - 2008-10-10 13:10 - 00000000 __SHD C:\WINDOWS\CSC 2013-12-06 13:27 - 2013-12-06 13:27 - 00000629 _____ C:\Documents and Settings\Himalaya\Desktop\22.BB(06.12.13).lnk 2013-12-06 
13:27 - 2013-12-06 13:26 - 00000000 ____D C:\Documents and Settings\Himalaya\Desktop\ExifCleaner 1.8 2013-12-05 23:52 - 2008-10-10 11:51 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP 2013-12-05 23:51 - 2008-10-10 11:48 - 00000000 ____D C:\Program Files\HP 2013-12-05 21:35 - 2010-10-20 16:23 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-794415514-3291536716-1455428651-1005Core.job 2013-12-05 18:44 - 2008-10-05 19:54 - 00000000 ____D C:\Documents and Settings\Himalaya\Application Data\Skype 2013-12-04 11:16 - 2008-09-22 10:43 - 00113664 _____ C:\Documents and Settings\Himalaya\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-03 21:35 - 2013-01-21 11:14 - 00000314 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-03 14:02 - 2010-11-26 23:49 - 00000292 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-12-01 20:34 - 2008-10-05 00:31 - 00000000 ____D C:\PULPIT 2008 2013-11-27 11:14 - 2013-01-21 11:14 - 00000332 _____ C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-794415514-3291536716-1455428651-1005.job 2013-11-25 11:07 - 2013-11-25 10:51 - 00000000 ____D C:\Documents and Settings\Himalaya\Application Data\Download Manager 2013-11-24 10:12 - 2008-09-23 16:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\FLEXnet 2013-11-23 19:21 - 2013-11-23 19:21 - 00000598 _____ C:\Documents and Settings\Himalaya\Desktop\abc.lnk 2013-11-22 15:13 - 2009-04-18 14:00 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-22 09:24 - 2013-11-22 09:24 - 00118784 _____ C:\WINDOWS\Minidump\Mini112213-01.dmp 2013-11-22 09:24 - 2008-10-18 09:31 - 00000000 ____D C:\WINDOWS\Minidump 2013-11-18 20:23 - 2008-09-25 15:47 - 00000020 ____H C:\Documents and Settings\All Users\Application Data\PKP_DLdy.DAT 2013-11-18 20:09 - 2013-09-29 18:49 - 00000000 ___RD 
C:\Documents and Settings\Himalaya\My Documents\Copy 2013-11-18 20:09 - 2012-10-05 22:34 - 00000000 ____D C:\Documents and Settings\Himalaya\My Documents\Capture NX 2013-11-18 20:09 - 2010-08-09 13:56 - 00000000 ____D C:\Documents and Settings\Himalaya\My Documents\Corel 2013-11-18 20:09 - 2009-12-25 18:23 - 00000000 ____D C:\Documents and Settings\Himalaya\Corel 2013-11-18 20:09 - 2008-11-12 22:48 - 00000000 ____D C:\Documents and Settings\Himalaya\My Documents\Corel User Files 2013-11-14 22:58 - 2008-11-12 23:12 - 00099840 ___SH C:\Documents and Settings\Himalaya\Desktop\Thumbs.db 2013-11-14 11:53 - 2008-10-04 14:08 - 00003868 _____ C:\WINDOWS\wincmd.ini 2013-11-14 11:45 - 2009-07-08 12:31 - 00000491 _____ C:\WINDOWS\wcx_ftp.ini 2013-11-12 14:47 - 2012-12-25 14:47 - 00000288 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-18.job 2013-11-11 20:31 - 2013-11-11 20:31 - 00000975 _____ C:\Documents and Settings\Himalaya\Desktop\ReKlamA !!!.lnk Some content of TEMP: ==================== C:\Documents and Settings\Himalaya\Local Settings\Temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================