[Split] Nzah

[Nzah]

I appear to be having an identical problem. I am also running symantec av and it found the same RootKit.gen Trojan. The offset address with ntdll.dll is also the same. What can I do to make this diagnosis easier?

Thanks!

[kahdah]

Hello Nzah

Welcome to Malwarebytes.

=====================

• Download OTL to your desktop.
  
• Double click on OTL to run it.
  
• When the window appears, underneath Output at the top change it to Minimal Output.
  
• Under the Standard Registry box change it to All.
  
• Under Custom scan's and fixes section paste in the below in bold
  

  
  

  netsvcs
  
  
  %SYSTEMDRIVE%\*.*
  
  
  %systemroot%\system32\*.dll /lockedfiles
  
  
  %systemroot%\Tasks\*.job /lockedfiles
  
  
  %systemroot%\System32\config\*.sav
  
  
  %systemroot%\system32\drivers\*.sys /90
  
  
  %systemroot%\system32\Spool\prtprocs\w32x86\*.dll

  
  

• Check the boxes beside LOP Check and Purity Check.
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    

====================

Please download Rootkit Unhooker and save it to your desktop.

• Double-click RKUnhookerLE.exe to run it.
  
• Click the Report tab, then click Scan
  
• Check Drivers, Stealth Code, Files, and Code Hooks
  
• Uncheck the rest, then click OK
  
• When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
  
• Wait till the scanner has finished then go File > Save Report
  
• Save the report somewhere you can find it, typically your desktop. Click Close
  
• Copy the entire contents of the report and paste it in your next reply.
  

Note - You may get this warning it is ok, just ignore it."Rootkit Unhooker has detected a parasite inside itself!

It is recommended to remove parasite, okay?"

[Nzah]

Hello and thanks in advance for your help.

After hearing that ComboFix worked to repair this problem for Patti Johnson for what appeared to be the same error I was having, I attempted to apply the same fix. Before running ComboFix, Google Chrome would not display any webpages including the startup page. Firefox still ran and would display pages but would not restart after closing the main window. After running ComboFix Firefox will no longer run.

ComboFix did not work for me. Win32 Host Process still fails in ntdll.dll at the same offset as before. Please advise if you would like to see the combofix log.

Rootkit Unhooker is still running and has been scanning C:\ for over an hour. I am posting these from another machine with the files transferred via USB stick. I will post the Rootkit Unhooker results as soon as the scan completes.

Please find the OTL.txt file below. It is too long for a single posting. I will post in multiple chunks. Extras.txt will be included in subsequent post (initial post was too long with both).

BEGIN OTL.TXT

==========

OTL logfile created on: 10/1/2010 9:08:02 AM - Run 1

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\nzah****\Desktop

Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 275.14 Gb Total Space | 148.25 Gb Free Space | 53.88% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

Drive F: | 501.22 Mb Total Space | 220.33 Mb Free Space | 43.96% Space Free | Partition Type: FAT

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JUK****T

Current User Name: nzah****

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\nzahirov\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)

PRC - C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lktsrv.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lkads.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)

PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()

PRC - C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

PRC - C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

PRC - C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)

PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

PRC - C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)

PRC - C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)

PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)

PRC - C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\TSMResident.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\TSMService.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.)

PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)

PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)

PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

PRC - C:\WINDOWS\system32\wisptis.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\tabtip.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\tcserver.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\keyboardsurrogate.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)

PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)

PRC - C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)

PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()

PRC - C:\Program Files\Common Files\Lenovo\Logger\logmon.exe ()

PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)

PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

PRC - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()

PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)

PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

PRC - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\TpKmpSvc.exe ()

PRC - C:\WINDOWS\system32\tabbtnu.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\nzahirov\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation)

MOD - C:\Program Files\Common Files\Microsoft Shared\Ink\tiptsf.dll (Microsoft Corporation)

MOD - C:\Program Files\Common Files\Microsoft Shared\Ink\tipcomponentsps.dll (Microsoft Corporation)

MOD - C:\WINDOWS\ime\sptip.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msctfp.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)

MOD - C:\WINDOWS\ime\spgrmr.dll (Microsoft Corporation)

MOD - C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_keyboard_hook.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_banner.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_think_res.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\csswait.dll (Lenovo Group Limited)

MOD - C:\WINDOWS\system32\cssuserdatadispatcher.dll (Lenovo Group Limited)

MOD - C:\WINDOWS\system32\tcsrpc.dll (Lenovo)

MOD - C:\WINDOWS\system32\tvttsp.dll (Lenovo)

MOD - C:\Program Files\Common Files\Lenovo\tvt_think_res.dll (Lenovo Group Limited)

MOD - C:\Program Files\Windows Journal\nbmaptip.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (nimDNSResponder) -- C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)

SRV - (niLXIDiscovery) -- C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)

SRV - (niSvcLoc) -- C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)

SRV - (NIApplicationWebServer) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)

SRV - (mxssvr) -- C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

SRV - (NITaggerService) -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)

SRV - (NIDomainService) -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)

SRV - (lkTimeSync) -- C:\WINDOWS\system32\lktsrv.exe (National Instruments Corporation)

SRV - (lkClassAds) -- C:\WINDOWS\system32\lkads.exe (National Instruments Corporation)

SRV - (nlsX86cc) -- C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)

SRV - (NILM License Manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

SRV - (nipxirmu) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (nidevldu) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (ni488enumsvc) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (LkCitadelServer) -- C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)

SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()

SRV - (VMware NAT Service) -- C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

SRV - (VMnetDHCP) -- C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)

SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)

SRV - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

SRV - (S24EventMonitor) Intel® -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

SRV - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)

SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)

SRV - (ASRSVC) -- C:\Program Files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe (Lenovo Group Limited)

SRV - (TabletSVC) -- C:\Program Files\ThinkPad\Tablet Shortcut\TSMService.exe (Lenovo Group Limited)

SRV - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)

SRV - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)

SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)

SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

SRV - (OpcEnum) -- C:\WINDOWS\system32\Opcenum.exe (OPC Foundation)

SRV - (btwdins) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

SRV - (CoventorWare Architect License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.fnet.exe ()

SRV - (CoventorWare Microfluidics Solvers License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.exe ()

SRV - (CoventorWare License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.exe ()

SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)

SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)

SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)

SRV - (NiRioRpc) -- C:\WINDOWS\system32\NiRioRpc.exe (National Instruments Corporation)

SRV - (TVT Backup Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)

SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()

SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec)

SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation)

SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation)

SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)

SRV - (tvtnetwk) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()

SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)

SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe ()

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (usb6xxxk) -- C:\WINDOWS\System32\drivers\usb6xxxkl.sys File not found

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found

DRV - (RimUsb) -- C:\WINDOWS\System32\Drivers\RimUsb.sys File not found

DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found

DRV - (NIUSBTMC) -- C:\WINDOWS\System32\DRIVERS\NIUSBTMC.sys File not found

DRV - (khqlmxop) -- C:\WINDOWS\System32\drivers\oopuhnpkpjv.sys File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (bwsao) -- C:\WINDOWS\System32\drivers\amuil.sys File not found

DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100930.004\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100930.004\NAVENG.SYS (Symantec Corporation)

DRV - (NiViPxiK) -- C:\WINDOWS\system32\drivers\NiViPxiKl.sys (National Instruments Corporation)

DRV - (NiViPciK) -- C:\WINDOWS\system32\drivers\NiViPciKl.sys (National Instruments Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (nipalusbedl) -- C:\WINDOWS\system32\drivers\nipalusbedl.sys (National Instruments Corporation)

DRV - (NIPALK) -- C:\WINDOWS\System32\drivers\nipalk.sys (National Instruments Corporation)

DRV - (nipalfwedl) -- C:\WINDOWS\system32\drivers\nipalfwedl.sys (National Instruments Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (Usbtmc) -- C:\WINDOWS\system32\drivers\ausbtmc.sys (IVI Foundation)

DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)

DRV - (AlteraUSBBlaster) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)

DRV - (nipbcfk) -- C:\WINDOWS\System32\drivers\nipbcfk.sys (National Instruments Corporation)

DRV - (nimdbgk) -- C:\WINDOWS\system32\drivers\nimdbgkl.sys (National Instruments Corporation)

DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()

DRV - (VMnetBridge) -- C:\WINDOWS\system32\drivers\vmnetbridge.sys (VMware, Inc.)

DRV - (vmx86) -- C:\WINDOWS\system32\drivers\vmx86.sys (VMware, Inc.)

DRV - (vmci) -- C:\WINDOWS\system32\drivers\vmci.sys (VMware, Inc.)

DRV - (vmkbd) -- C:\WINDOWS\system32\drivers\VMkbd.sys (VMware, Inc.)

DRV - (VMnetuserif) -- C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware, Inc.)

DRV - (hcmon) -- C:\WINDOWS\system32\drivers\hcmon.sys (VMware, Inc.)

DRV - (VMnetAdapter) -- C:\WINDOWS\system32\drivers\vmnetadapter.sys (VMware, Inc.)

DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)

DRV - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()

DRV - (NETw5x32) Intel® -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)

DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)

DRV - (tvtfilter) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo)

DRV - (TSMSMI) -- C:\WINDOWS\system32\drivers\tsmsmi32.sys (Lenovo Group Limited)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (cvintdrv) -- C:\WINDOWS\System32\drivers\cvintdrv.sys ()

DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()

DRV - (nimxdfk) -- C:\WINDOWS\system32\drivers\nimxdfkl.sys (National Instruments Corporation)

DRV - (nidimk) -- C:\WINDOWS\system32\drivers\nidimkl.sys (National Instruments Corporation)

DRV - (nipxirmk) -- C:\WINDOWS\system32\drivers\nipxirmkl.sys (National Instruments Corporation)

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)

DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)

DRV - (Tp4Track) -- C:\WINDOWS\system32\drivers\tp4track.sys (Lenovo Group Limited)

DRV - (e1express) Intel® -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)

DRV - (ni1045k) -- C:\WINDOWS\system32\drivers\ni1045kl.sys (National Instruments Corporation)

DRV - (niorbk) -- C:\WINDOWS\system32\drivers\niorbkl.sys (National Instruments Corporation)

DRV - (ni1065k) -- C:\WINDOWS\system32\drivers\ni1065k.sys (National Instruments Corporation)

DRV - (ni1006k) -- C:\WINDOWS\system32\drivers\ni1006k.sys (National Instruments Corporation)

DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)

DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)

DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)

DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)

DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)

DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)

DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)

DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)

DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (nipxigpk) -- C:\WINDOWS\system32\drivers\nipxigpk.sys (National Instruments Corporation)

DRV - (pmem) -- C:\WINDOWS\system32\drivers\pmemnt.sys (Microsoft Corporation)

DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (Lenovo Group Limited)

DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)

DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)

DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)

DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)

DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (nihsdrk) -- C:\WINDOWS\system32\drivers\nihsdrkl.sys (National Instruments Corporation)

DRV - (nixsrk) -- C:\WINDOWS\system32\drivers\nixsrkl.sys (National Instruments Corporation)

DRV - (niwfrk) -- C:\WINDOWS\system32\drivers\niwfrkl.sys (National Instruments Corporation)

DRV - (nissrk) -- C:\WINDOWS\system32\drivers\nissrkl.sys (National Instruments Corporation)

DRV - (niesrk) -- C:\WINDOWS\system32\drivers\niesrkl.sys (National Instruments Corporation)

DRV - (niemrkw) -- C:\WINDOWS\system32\drivers\niemrkw.sys (National Instruments Corporation)

DRV - (niemrk) -- C:\WINDOWS\system32\drivers\niemrkl.sys (National Instruments Corporation)

DRV - (nipsdk) -- C:\WINDOWS\system32\drivers\nipsdkl.sys (National Instruments Corporation)

DRV - (nimru2k) -- C:\WINDOWS\system32\drivers\nimru2kl.sys (National Instruments Corporation)

DRV - (ninshsdk) -- C:\WINDOWS\system32\drivers\ninshsdkl.sys (National Instruments Corporation)

DRV - (nidsark) -- C:\WINDOWS\system32\drivers\nidsarkl.sys (National Instruments Corporation)

DRV - (niscdk) -- C:\WINDOWS\system32\drivers\niscdkl.sys (National Instruments Corporation)

DRV - (nispdk) -- C:\WINDOWS\system32\drivers\nispdkl.sys (National Instruments Corporation)

DRV - (nitiork) -- C:\WINDOWS\system32\drivers\nitiorkl.sys (National Instruments Corporation)

DRV - (nimsdrk) -- C:\WINDOWS\system32\drivers\nimsdrkl.sys (National Instruments Corporation)

DRV - (niswdk) -- C:\WINDOWS\system32\drivers\niswdkl.sys (National Instruments Corporation)

DRV - (nisdigk) -- C:\WINDOWS\system32\drivers\nisdigkl.sys (National Instruments Corporation)

DRV - (usb6xxxkw) -- C:\WINDOWS\system32\drivers\usb6xxxkw.sys (National Instruments Corporation)

DRV - (nisftk) -- C:\WINDOWS\system32\drivers\nisftkl.sys (National Instruments Corporation)

DRV - (nifslk) -- C:\WINDOWS\system32\drivers\nifslkl.sys (National Instruments Corporation)

DRV - (nistcrk) -- C:\WINDOWS\system32\drivers\nistcrkl.sys (National Instruments Corporation)

DRV - (nicdrk) -- C:\WINDOWS\system32\drivers\nicdrkl.sys (National Instruments Corporation)

DRV - (nistc2k) -- C:\WINDOWS\system32\drivers\nistc2kl.sys (National Instruments Corporation)

DRV - (nidmxfk) -- C:\WINDOWS\system32\drivers\nidmxfkl.sys (National Instruments Corporation)

DRV - (nimxpk) -- C:\WINDOWS\system32\drivers\nimxpkl.sys (National Instruments Corporation)

DRV - (nimstsk) -- C:\WINDOWS\system32\drivers\nimstskl.sys (National Instruments Corporation)

DRV - (nirfsa2k) -- C:\WINDOWS\system32\drivers\niRFSA2kl.sys (National Instruments Corporation)

DRV - (nimsrlk) -- C:\WINDOWS\system32\drivers\nimsrlk.dll (National Instruments Corporation)

DRV - (nimslk) -- C:\WINDOWS\system32\drivers\nimslk.dll (National Instruments Corporation)

DRV - (nisldk) -- C:\WINDOWS\system32\drivers\nisldkl.sys (National Instruments Corporation)

DRV - (nisrcdk) -- C:\WINDOWS\system32\drivers\nisrcdkl.sys (National Instruments Corporation)

DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)

DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)

DRV - (NETw4x32) Intel® -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)

DRV - (nidmmk) -- C:\WINDOWS\system32\drivers\nidmmk.dll (National Instruments Corporation)

DRV - (Nidaq32k) -- C:\WINDOWS\System32\drivers\nidaq32k.sys (National Instruments Corporation)

DRV - (nistck) -- C:\WINDOWS\system32\drivers\niSTCk.dll (National Instruments Corporation)

DRV - (nimdsk) -- C:\WINDOWS\system32\drivers\nimdsk.dll (National Instruments Corporation)

DRV - (nibffrk) -- C:\WINDOWS\system32\drivers\nibffrk.dll (National Instruments Corporation)

DRV - (niarbk) -- C:\WINDOWS\system32\drivers\niarbk.dll (National Instruments Corporation)

DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)

DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)

DRV - (gpibprtk) -- C:\WINDOWS\system32\drivers\gpibprtk.sys (National Instruments Corporation)

DRV - (ni488lock) -- C:\WINDOWS\system32\drivers\ni488lock.sys (National Instruments Corporation)

DRV - (nitnr2k) -- C:\WINDOWS\system32\drivers\nitnr2kl.sys (National Instruments Corporation)

DRV - (nidwgk) -- C:\WINDOWS\system32\drivers\nidwgkl.sys (National Instruments Corporation)

DRV - (nigplk) -- C:\WINDOWS\system32\drivers\nigplkl.sys (National Instruments Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)

DRV - (TVTPktFilter) -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys (Lenovo Group Limited)

DRV - (lvalarmk) -- C:\WINDOWS\system32\drivers\lvalarmk.sys (National Instruments Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)

DRV - (Sntnlusb) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.)

DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)

DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation)

DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation)

DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\tkbtnpn.sys (Lenovo)

DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.)

DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)

DRV - (DS1410D) -- C:\WINDOWS\system32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (SIF32X) -- C:\WINDOWS\system32\drivers\SiF32x.sys (Silicon Laboratories)

DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)

DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)

DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)

DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)

DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)

DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)

DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)

DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)

DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)

DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)

DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)

DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)

DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)

DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (TwoTrack) -- C:\WINDOWS\system32\drivers\TwoTrack.sys (IBM Corporation)

DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2

FF - prefs.js..extensions.enabledItems: {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.35

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: npminuwet@uwaterloo.ca:2.0.0.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.9

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/17 10:21:06 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/07 19:12:16 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/28 03:32:44 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/28 21:13:14 | 000,000,000 | ---D | M]

[2008/08/27 19:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Extensions

[2008/08/27 19:33:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/09/30 08:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions

[2009/08/18 09:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/03/14 23:10:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}

[2010/05/11 09:03:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009/09/13 06:43:30 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2009/07/13 09:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\npminuwet@uwaterloo.ca

[2010/09/30 08:17:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/05/28 03:32:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2008/09/08 20:26:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

[2008/10/26 17:33:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

[2008/12/07 19:12:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

[2009/11/08 11:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2010/05/28 03:32:39 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2010/05/28 03:32:39 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2010/02/04 21:35:19 | 000,027,960 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll

[2010/02/04 21:35:20 | 000,126,344 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll

[2009/08/06 10:57:58 | 000,046,408 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\atmccli.dll

[2010/02/04 21:35:29 | 000,098,696 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ieatgpc.dll

[2009/05/01 17:02:48 | 001,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll

[2009/08/06 10:57:12 | 000,061,840 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll

[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll

[2008/09/15 20:11:52 | 001,335,600 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll

[2008/09/15 20:12:12 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

[2010/06/25 13:57:18 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll

[2006/01/23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV80Win32.dll

[2007/02/08 10:48:16 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll

[2007/07/24 19:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv85win32.dll

[2008/12/10 14:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll

[2010/05/25 12:43:16 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll

[2010/05/28 03:32:41 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2009/12/21 19:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2009/09/03 11:53:00 | 000,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

[2009/05/01 17:02:48 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll

[2010/03/09 00:34:02 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2010/03/09 00:34:03 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml

[2010/03/09 00:34:03 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml

[2010/03/09 00:34:03 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2010/03/09 00:34:03 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2010/03/09 00:34:03 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2010/03/09 00:34:03 | 000,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/09/30 15:07:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [bLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()

O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [installValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files\National Instruments\Shared\NIUninstaller\InstallValidator.exe ()

O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [LENTBCTL] C:\Program Files\ThinkPad\Tablet Shortcut\LENTBCTL.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)

O4 - HKLM..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)

O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [TabletButton] C:\Program Files\ThinkPad\Tablet Shortcut\TabletButton.EXE (Lenovo Group Limited )

O4 - HKLM..\Run: [TabletTip] C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe (Microsoft Corporation)

O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)

O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)

O4 - HKLM..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TSMResident] C:\Program Files\ThinkPad\Tablet Shortcut\TSMRESIDENT.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)

O4 - HKLM..\Run: [vptray] C:\PROGRA~1\SYMANT~1\\vptray.exe ()

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)

O4 - Startup: C:\Documents and Settings\nzahirov\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} http://download.ppstream.com/bin/powerplayer.cab (PowerList Control)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/as...abs/tgctlsr.cab (Symantec Script Runner Class)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.3.7.cab (DLM Control)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupd...b?1211688977287 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.97.2.1 129.97.129.10 129.97.2.2

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\OrCAD\OrCAD_10.5\tools\capture\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\OrCAD\OrCAD_10.5\tools\capture\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\WINDOWS\system32\acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\loginkey: DllName - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)

O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\System32\tabbtnwl.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()

O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\System32\tpgwlnot.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/04/30 19:14:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found

O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

[Nzah]

========== Files/Folders - Created Within 30 Days ==========

[2010/10/01 09:03:55 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\nzahirov\Desktop\OTL.exe

[2010/09/30 17:16:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/09/30 13:49:15 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/09/30 13:44:37 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/09/30 13:44:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/09/30 13:44:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/09/30 13:44:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/09/30 13:42:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/09/30 13:38:51 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/09/30 09:01:23 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll

[2010/09/30 09:01:19 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll

[2010/09/30 09:01:10 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe

[2010/09/30 09:00:55 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe

[2010/09/30 09:00:50 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys

[2010/09/30 09:00:49 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys

[2010/09/30 09:00:45 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys

[2010/09/30 09:00:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll

[2010/09/30 09:00:33 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys

[2010/09/30 09:00:31 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys

[2010/09/30 09:00:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys

[2010/09/30 09:00:19 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys

[2010/09/30 09:00:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll

[2010/09/30 09:00:13 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2010/09/30 09:00:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2010/09/30 09:00:08 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys

[2010/09/30 09:00:07 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys

[2010/09/30 09:00:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys

[2010/09/30 09:00:02 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys

[2010/09/30 09:00:00 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys

[2010/09/30 08:59:59 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys

[2010/09/30 08:59:58 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys

[2010/09/30 08:59:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2010/09/30 08:59:56 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys

[2010/09/30 08:59:55 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys

[2010/09/30 08:59:54 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys

[2010/09/30 08:59:49 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys

[2010/09/30 08:59:45 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys

[2010/09/30 08:59:41 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys

[2010/09/30 08:59:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2010/09/30 08:59:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2010/09/30 08:59:40 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2010/09/30 08:59:39 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2010/09/30 08:59:35 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys

[2010/09/30 08:59:31 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys

[2010/09/30 08:59:26 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys

[2010/09/30 08:59:22 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys

[2010/09/30 08:59:18 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys

[2010/09/30 08:59:12 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys

[2010/09/30 08:59:08 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys

[2010/09/30 08:59:04 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys

[2010/09/30 08:59:00 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys

[2010/09/30 08:58:56 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys

[2010/09/30 08:58:52 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys

[2010/09/30 08:58:48 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys

[2010/09/30 08:58:44 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys

[2010/09/30 08:58:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys

[2010/09/30 08:58:41 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys

[2010/09/30 08:58:39 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys

[2010/09/30 08:58:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll

[2010/09/30 08:58:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll

[2010/09/30 08:58:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll

[2010/09/30 08:58:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll

[2010/09/30 08:58:17 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll

[2010/09/30 08:58:13 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys

[2010/09/30 08:58:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll

[2010/09/30 08:58:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll

[2010/09/30 08:58:01 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll

[2010/09/30 08:57:57 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll

[2010/09/30 08:57:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2010/09/30 08:57:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys

[2010/09/30 08:57:47 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll

[2010/09/30 08:57:43 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys

[2010/09/30 08:57:39 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll

[2010/09/30 08:57:35 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys

[2010/09/30 08:57:31 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll

[2010/09/30 08:57:27 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys

[2010/09/30 08:57:22 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys

[2010/09/30 08:57:19 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys

[2010/09/30 08:57:15 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys

[2010/09/30 08:57:10 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys

[2010/09/30 08:57:08 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll

[2010/09/30 08:57:04 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys

[2010/09/30 08:57:00 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll

[2010/09/30 08:56:59 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys

[2010/09/30 08:56:58 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2010/09/30 08:56:55 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys

[2010/09/30 08:56:51 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys

[2010/09/30 08:56:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2010/09/30 08:56:50 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2010/09/30 08:56:46 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys

[2010/09/30 08:56:42 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys

[2010/09/30 08:56:38 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys

[2010/09/30 08:56:34 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll

[2010/09/30 08:56:29 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll

[2010/09/30 08:56:25 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys

[2010/09/30 08:56:22 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys

[2010/09/30 08:56:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll

[2010/09/30 08:56:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll

[2010/09/30 08:56:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll

[2010/09/30 08:56:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll

[2010/09/30 08:56:03 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll

[2010/09/30 08:56:00 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll

[2010/09/30 08:55:56 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys

[2010/09/30 08:55:52 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys

[2010/09/30 08:55:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2010/09/30 08:55:47 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys

[2010/09/30 08:55:43 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2010/09/30 08:55:43 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll

[2010/09/30 08:55:38 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll

[2010/09/30 08:55:34 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys

[2010/09/30 08:55:30 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll

[2010/09/30 08:55:26 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys

[2010/09/30 08:55:23 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys

[2010/09/30 08:55:19 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll

[2010/09/30 08:55:16 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys

[2010/09/30 08:55:12 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys

[2010/09/30 08:55:11 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll

[2010/09/30 08:55:11 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys

[2010/09/30 08:55:07 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys

[2010/09/30 08:55:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2010/09/30 08:55:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2010/09/30 08:55:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2010/09/30 08:55:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2010/09/30 08:55:00 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys

[2010/09/30 08:55:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2010/09/30 08:54:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2010/09/30 08:54:56 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll

[2010/09/30 08:54:52 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys

[2010/09/30 08:54:48 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys

[2010/09/30 08:54:45 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys

[2010/09/30 08:54:41 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys

[2010/09/30 08:54:40 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys

[2010/09/30 08:54:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2010/09/30 08:54:39 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys

[2010/09/30 08:54:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll

[2010/09/30 08:54:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll

[2010/09/30 08:54:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2010/09/30 08:54:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2010/09/30 08:54:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll

[2010/09/30 08:54:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2010/09/30 08:54:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2010/09/30 08:54:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2010/09/30 08:54:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll

[2010/09/30 08:54:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2010/09/30 08:54:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2010/09/30 08:54:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2010/09/30 08:54:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2010/09/30 08:54:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2010/09/30 08:54:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2010/09/30 08:54:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2010/09/30 08:54:21 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys

[2010/09/30 08:54:17 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys

[2010/09/30 08:54:14 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys

[2010/09/30 08:54:10 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll

[2010/09/30 08:54:07 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys

[2010/09/30 08:54:06 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys

[2010/09/30 08:54:02 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll

[2010/09/30 08:53:59 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys

[2010/09/30 08:53:55 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll

[2010/09/30 08:53:52 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys

[2010/09/30 08:53:48 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll

[2010/09/30 08:53:45 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys

[2010/09/30 08:53:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2010/09/30 08:53:38 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys

[2010/09/30 08:53:34 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys

[2010/09/30 08:53:31 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys

[2010/09/30 08:53:27 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll

[2010/09/30 08:53:24 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys

[2010/09/30 08:53:19 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys

[2010/09/30 08:53:16 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys

[2010/09/30 08:53:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2010/09/30 08:53:11 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys

[2010/09/30 08:53:10 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys

[2010/09/30 08:53:07 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys

[2010/09/30 08:53:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2010/09/30 08:53:03 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys

[2010/09/30 08:52:59 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys

[2010/09/30 08:52:55 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys

[2010/09/30 08:52:52 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys

[2010/09/30 08:52:50 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys

[2010/09/30 08:52:47 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll

[2010/09/30 08:52:43 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys

[2010/09/30 08:52:39 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll

[2010/09/30 08:52:36 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys

[2010/09/30 08:52:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll

[2010/09/30 08:52:29 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys

[2010/09/30 08:52:25 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll

[2010/09/30 08:52:22 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll

[2010/09/30 08:52:19 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll

[2010/09/30 08:52:15 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys

[2010/09/30 08:52:12 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll

[2010/09/30 08:52:08 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys

[2010/09/30 08:52:05 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys

[2010/09/30 08:52:01 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll

[2010/09/30 08:51:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll

[2010/09/30 08:51:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2010/09/30 08:51:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2010/09/30 08:51:56 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll

[2010/09/30 08:51:55 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll

[2010/09/30 08:51:54 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys

[2010/09/30 08:51:50 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys

[2010/09/30 08:51:47 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys

[2010/09/30 08:51:43 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll

[2010/09/30 08:51:39 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys

[2010/09/30 08:51:37 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys

[2010/09/30 08:51:33 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys

[2010/09/30 08:51:29 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll

[2010/09/30 08:51:29 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2010/09/30 08:51:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2010/09/30 08:51:22 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys

[2010/09/30 08:51:18 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys

[2010/09/30 08:51:15 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys

[2010/09/30 08:51:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll

[2010/09/30 08:51:08 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys

[2010/09/30 08:51:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2010/09/30 08:51:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2010/09/30 08:51:05 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys

[2010/09/30 08:51:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys

[2010/09/30 08:50:57 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys

[2010/09/30 08:50:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys

[2010/09/30 08:50:52 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll

[2010/09/30 08:50:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll

[2010/09/30 08:50:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll

[2010/09/30 08:50:40 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys

[2010/09/30 08:50:38 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys

[2010/09/30 08:50:34 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys

[2010/09/30 08:50:33 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys

[2010/09/30 08:50:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys

[2010/09/30 08:50:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2010/09/30 08:50:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2010/09/30 08:50:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2010/09/30 08:50:24 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll

[2010/09/30 08:50:20 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys

[2010/09/30 08:50:17 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys

[2010/09/30 08:50:13 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys

[2010/09/30 08:50:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys

[2010/09/30 08:50:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll

[2010/09/30 08:50:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax

[2010/09/30 08:50:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2010/09/30 08:50:02 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll

[2010/09/30 08:50:01 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys

[2010/09/30 08:50:00 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll

[2010/09/30 08:49:59 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys

[2010/09/30 08:49:58 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys

[2010/09/30 08:49:54 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe

[2010/09/30 08:49:51 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys

[2010/09/30 08:49:48 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys

[2010/09/30 08:49:44 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys

[2010/09/30 08:49:41 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys

[2010/09/30 08:49:40 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys

[2010/09/30 08:49:37 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys

[2010/09/30 08:49:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2010/09/30 08:49:35 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll

[2010/09/30 08:49:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll

[2010/09/30 08:49:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll

[2010/09/30 08:49:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll

[2010/09/30 08:49:24 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys

[2010/09/30 08:49:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe

[2010/09/30 08:49:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll

[2010/09/30 08:49:15 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys

[2010/09/30 08:49:11 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll

[2010/09/30 08:49:08 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys

[2010/09/30 08:49:05 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys

[2010/09/30 08:49:01 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys

[2010/09/30 08:48:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys

[2010/09/30 08:48:55 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys

[2010/09/30 08:48:52 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys

[2010/09/30 08:48:48 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys

[2010/09/30 08:48:45 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys

[2010/09/30 08:48:39 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys

[2010/09/30 08:48:35 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll

[2010/09/30 08:48:30 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys

[2010/09/30 08:48:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2010/09/30 08:48:26 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys

[2010/09/30 08:48:22 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys

[2010/09/30 08:48:21 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys

[2010/09/30 08:48:17 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys

[2010/09/30 08:48:14 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys

[2010/09/30 08:48:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2010/09/30 08:48:10 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys

[2010/09/30 08:48:09 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys

[2010/09/30 08:48:05 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys

[2010/09/30 08:48:01 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys

[2010/09/30 08:47:58 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll

[2010/09/30 08:47:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys

[2010/09/30 08:47:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll

[2010/09/30 08:47:47 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys

[2010/09/30 08:47:44 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys

[2010/09/30 08:47:41 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll

[2010/09/30 08:47:38 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys

[2010/09/30 08:47:34 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll

[2010/09/30 08:47:31 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys

[2010/09/30 08:47:28 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys

[2010/09/30 08:47:25 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys

[2010/09/30 08:47:22 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll

[2010/09/30 08:47:19 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys

[2010/09/30 08:47:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll

[2010/09/30 08:47:13 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys

[2010/09/30 08:47:12 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll

[2010/09/30 08:47:09 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys

[2010/09/30 08:47:03 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys

[2010/09/30 08:46:59 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys

[2010/09/30 08:46:53 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys

[2010/09/30 08:46:52 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex

[2010/09/30 08:46:52 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys

[2010/09/30 08:46:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll

[2010/09/30 08:46:45 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys

[2010/09/30 08:46:42 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys

[2010/09/30 08:46:35 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys

[2010/09/30 08:46:31 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys

[2010/09/30 08:46:26 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys

[2010/09/30 08:46:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe

[2010/09/30 08:46:22 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys

[2010/09/30 08:46:19 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll

[2010/09/30 08:46:18 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2010/09/30 08:46:18 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2010/09/30 08:46:17 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys

[2010/09/30 08:46:14 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll

[2010/09/30 08:46:11 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys

[2010/09/30 08:46:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2010/09/30 08:46:07 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys

[2010/09/30 08:46:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2010/09/30 08:46:03 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys

[2010/09/30 08:45:59 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys

[2010/09/30 08:45:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll

[2010/09/30 08:45:53 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll

[2010/09/30 08:45:50 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys

[2010/09/30 08:45:50 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys

[2010/09/30 08:45:47 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys

[2010/09/30 08:45:44 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys

[2010/09/30 08:45:43 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys

[2010/09/30 08:45:43 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys

[2010/09/30 08:45:40 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys

[2010/09/30 08:45:39 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys

[2010/09/30 08:45:36 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys

[2010/09/30 08:45:33 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys

[2010/09/30 08:45:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2010/09/30 08:45:29 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys

[2010/09/30 08:45:26 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys

[2010/09/30 08:45:23 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys

[2010/09/30 08:45:19 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys

[2010/09/30 08:45:19 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys

[2010/09/30 08:45:16 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys

[2010/09/30 08:45:13 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys

[2010/09/30 08:45:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll

[2010/09/30 08:45:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2010/09/30 08:45:07 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll

[2010/09/30 08:45:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll

[2010/09/30 08:45:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll

[2010/09/30 08:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2010/09/30 08:45:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2010/09/30 08:45:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2010/09/30 08:44:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll

[2010/09/30 08:44:57 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll

[2010/09/30 08:44:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll

[2010/09/30 08:44:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll

[2010/09/30 08:44:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll

[2010/09/30 08:44:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll

[2010/09/30 08:44:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2010/09/30 08:44:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll

[2010/09/30 08:44:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2010/09/30 08:44:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2010/09/30 08:44:37 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys

[2010/09/30 08:44:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll

[2010/09/30 08:44:34 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys

[2010/09/30 08:44:31 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys

[2010/09/30 08:44:30 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe

[2010/09/30 08:44:30 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys

[2010/09/30 08:44:25 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys

[2010/09/30 08:44:22 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll

[2010/09/30 08:44:20 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys

[2010/09/30 08:44:17 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys

[2010/09/30 08:44:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2010/09/30 08:44:14 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll

[2010/09/30 08:44:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe

[2010/09/30 08:44:12 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe

[2010/09/30 08:44:10 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe

[2010/09/30 08:44:09 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2010/09/30 08:44:09 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2010/09/30 08:44:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

[2010/09/30 08:44:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2010/09/30 08:44:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2010/09/30 08:44:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2010/09/30 08:44:05 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2010/09/30 08:43:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll

[2010/09/30 08:43:55 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys

[2010/09/30 08:43:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll

[2010/09/30 08:43:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll

[2010/09/30 08:43:47 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys

[2010/09/30 08:43:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll

[2010/09/30 08:43:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll

[2010/09/30 08:43:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll

[2010/09/30 08:43:36 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys

[2010/09/30 08:43:34 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys

[2010/09/30 08:43:31 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys

[2010/09/30 08:43:28 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys

[2010/09/30 08:43:26 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll

[2010/09/30 08:43:23 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys

[2010/09/30 08:43:22 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys

[2010/09/30 08:43:21 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll

[2010/09/30 08:43:18 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys

[2010/09/30 08:43:16 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll

[2010/09/30 08:43:15 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll

[2010/09/30 08:43:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll

[2010/09/30 08:43:09 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys

[2010/09/30 08:43:06 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys

[2010/09/30 08:43:04 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys

[2010/09/30 08:43:01 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys

[2010/09/30 08:42:58 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys

[2010/09/30 08:42:56 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys

[2010/09/30 08:42:53 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys

[2010/09/30 08:42:50 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll

[2010/09/30 08:42:47 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys

[2010/09/30 08:42:45 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys

[2010/09/30 08:42:42 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys

[2010/09/30 08:42:40 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys

[2010/09/30 08:42:37 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys

[2010/09/30 08:42:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll

[2010/09/30 08:42:31 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys

[2010/09/30 08:42:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll

[2010/09/30 08:42:26 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll

[2010/09/30 08:42:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll

[2010/09/30 08:42:21 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll

[2010/09/30 08:42:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll

[2010/09/30 08:42:10 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll

[2010/09/30 08:42:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll

[2010/09/30 08:42:00 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll

[2010/09/30 08:41:55 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll

[2010/09/30 08:41:51 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys

[2010/09/30 08:41:49 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys

[2010/09/30 08:41:48 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys

[2010/09/30 08:41:45 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys

[2010/09/30 08:41:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll

[2010/09/30 08:41:43 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys

[2010/09/30 08:41:40 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys

[2010/09/30 08:41:38 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys

[2010/09/30 08:41:36 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys

[2010/09/30 08:41:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys

[2010/09/30 08:41:33 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys

[2010/09/30 08:41:31 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll

[2010/09/30 08:41:29 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys

[2010/09/30 08:41:27 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll

[2010/09/30 08:41:24 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys

[2010/09/30 08:41:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll

[2010/09/30 08:41:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe

[2010/09/30 08:41:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll

[2010/09/30 08:41:19 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll

[2010/09/30 08:41:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll

[2010/09/30 08:41:14 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys

[2010/09/30 08:41:11 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys

[2010/09/30 08:41:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2010/09/30 08:41:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll

[2010/09/30 08:41:07 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys

[2010/09/30 08:41:05 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys

[2010/09/30 08:41:03 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys

[2010/09/30 08:41:01 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys

[2010/09/30 08:40:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll

[2010/09/30 08:40:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2010/09/30 08:40:56 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys

[2010/09/30 08:40:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2010/09/30 08:40:49 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys

[2010/09/30 08:40:46 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys

[2010/09/30 08:40:44 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys

[2010/09/30 08:40:42 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys

[2010/09/30 08:40:40 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys

[2010/09/30 08:40:37 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys

[2010/09/30 08:40:35 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys

[2010/09/30 08:40:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2010/09/30 08:40:33 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2010/09/30 08:40:31 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll

[2010/09/30 08:40:29 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2010/09/30 08:40:29 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll

[2010/09/30 08:40:26 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll

[2010/09/30 08:40:26 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2010/09/30 08:40:24 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys

[2010/09/30 08:40:24 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll

[2010/09/30 08:40:21 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys

[2010/09/30 08:40:19 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys

[2010/09/30 08:40:17 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys

[2010/09/30 08:40:15 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys

[2010/09/30 08:40:13 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys

[2010/09/30 08:40:11 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys

[2010/09/30 08:40:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys

[2010/09/30 08:40:07 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys

[2010/09/30 08:40:05 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe

[2010/09/30 08:40:03 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe

[2010/09/30 08:40:01 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe

[2010/09/30 08:39:58 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys

[2010/09/30 08:39:56 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys

[2010/09/30 08:39:54 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys

[2010/09/30 08:39:53 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys

[2010/09/30 08:39:51 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys

[2010/09/30 08:39:47 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys

[2010/09/30 08:39:46 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys

[2010/09/30 08:39:44 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys

[2010/09/30 08:39:43 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys

[2010/09/30 08:39:41 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys

[2010/09/30 08:39:40 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys

[2010/09/30 08:39:39 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys

[2010/09/30 08:39:37 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys

[2010/09/30 08:39:36 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys

[2010/09/30 08:39:34 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys

[2010/09/30 08:39:33 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys

[2010/09/30 08:39:32 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys

[2010/09/30 08:39:30 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys

[2010/09/30 08:39:29 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys

[2010/09/30 08:39:27 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys

[2010/09/30 08:39:26 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys

[2010/09/30 08:39:25 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys

[2010/09/30 08:39:24 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll

[2010/09/30 08:39:23 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys

[2010/09/30 08:39:21 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys

[2010/09/30 08:39:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys

[2010/09/30 08:39:15 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys

[2010/09/30 08:39:13 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys

[2010/09/30 08:39:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys

[2010/09/30 08:39:11 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys

[2010/09/30 08:39:10 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys

[2010/09/30 08:39:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys

[2010/09/30 08:39:07 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys

[2010/09/30 08:39:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys

[2010/09/30 08:39:04 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys

[2010/09/30 08:38:59 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe

[2010/09/30 08:38:58 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll

[2010/09/30 08:38:57 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll

[2010/09/30 08:38:56 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll

[2010/09/30 08:38:54 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys

[2010/09/30 08:38:53 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe

[2010/09/30 08:38:51 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys

[2010/09/30 08:38:50 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll

[2010/09/30 08:38:49 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys

[2010/09/30 08:38:48 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll

[2010/09/30 08:38:47 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll

[2010/09/30 08:38:45 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll

[2010/09/30 08:38:44 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll

[2010/09/30 08:38:43 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys

[2010/09/30 08:38:42 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys

[2010/09/30 08:38:41 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll

[2010/09/30 08:38:39 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys

[2010/09/30 08:38:38 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll

[2010/09/30 08:38:36 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll

[2010/09/30 08:38:35 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys

[2010/09/30 08:38:33 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys

[2010/09/30 08:38:32 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys

[2010/09/30 08:38:31 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe

[2010/09/30 08:38:30 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll

[2010/09/30 08:38:28 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys

[2010/09/30 08:38:27 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys

[2010/09/30 08:38:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll

[2010/09/30 08:38:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll

[2010/09/30 08:38:23 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys

[2010/09/30 08:38:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll

[2010/09/30 08:38:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll

[2010/09/30 08:38:18 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys

[2010/09/30 08:38:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll

[2010/09/30 08:38:15 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys

[2010/09/30 08:38:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll

[2010/09/30 08:38:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll

[2010/09/30 08:38:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys

[2010/09/30 08:38:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll

[2010/09/30 08:38:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys

[2010/09/30 08:38:08 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys

[2010/09/30 08:38:08 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys

[2010/09/30 08:38:07 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys

[2010/09/30 08:38:06 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys

[2010/09/30 08:38:04 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys

[2010/09/30 08:38:03 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys

[2010/09/30 08:38:02 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys

[2010/09/30 08:38:01 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys

[2010/09/30 08:38:00 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll

[2010/09/30 08:37:59 | 000,249,856 | ---- | C] (Comtrol

[Nzah]

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2008/09/09 10:51:29 | 000,000,126 | ---- | M] () -- C:\.bash_history

[2009/11/20 13:38:09 | 000,001,024 | ---- | M] () -- C:\.rnd

[2006/04/30 19:14:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2010/09/16 01:39:51 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/09/30 13:49:23 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr

[2010/09/30 15:19:15 | 000,063,646 | ---- | M] () -- C:\ComboFix.txt

[2006/04/30 19:14:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010/05/15 19:18:49 | 006,631,302 | ---- | M] () -- C:\CrappyC.zip

[2010/05/03 15:39:24 | 000,000,082 | ---- | M] () -- C:\Documents~

[2008/05/15 08:48:46 | 000,003,084 | ---- | M] () -- C:\drivez.log

[2009/03/03 00:47:38 | 000,049,233 | ---- | M] () -- C:\fat32format.exe

[2010/05/15 14:48:26 | 022,480,754 | ---- | M] () -- C:\FinishedSweep2.zip

[2010/09/30 16:58:54 | 3211,046,912 | -HS- | M] () -- C:\hiberfil.sys

[2009/10/05 13:18:34 | 000,007,223 | ---- | M] () -- C:\INSTALLINFO.TXT

[2006/04/30 19:14:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/09/05 18:47:22 | 004,805,045 | ---- | M] () -- C:\LabView-Ver2.zip

[2010/09/20 00:50:59 | 000,001,184 | ---- | M] () -- C:\lxcq.log

[2006/04/30 19:14:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2004/08/04 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/05/25 16:58:32 | 000,250,048 | RHS- | M] () -- C:\NTLDR

[2010/09/30 16:58:52 | 1572,864,000 | -HS- | M] () -- C:\pagefile.sys

[2010/05/17 08:51:12 | 002,321,601 | ---- | M] () -- C:\Sweep.ace

[2008/05/15 08:21:33 | 000,000,099 | ---- | M] () -- C:\syslevel.lgl

[2010/05/15 14:57:26 | 016,980,439 | ---- | M] () -- C:\test.zip

[2009/08/18 09:17:55 | 000,001,656 | ---- | M] () -- C:\TPHKLOCK.TXT

[2010/09/30 17:01:59 | 000,069,413 | ---- | M] () -- C:\tracelog.txt

[2008/09/22 09:50:42 | 000,018,508 | ---- | M] () -- C:\UWMEMSDevices.cat

[2010/08/24 22:14:40 | 000,000,005 | ---- | M] () -- C:\zrpt.xml

< %SYSTEMROOT%\system32\*.dll /lockedfiles >

[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMROOT%\Tasks\*.job /lockedfiles >

< %SYSTEMROOT%\system32\config\*.sav >

[2006/04/30 12:01:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2006/04/30 12:01:46 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2006/04/30 12:01:46 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %SYSTEMROOT%\system32\drivers\*.sys /90 >

< %SYSTEMROOT%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

[2008/04/04 21:01:40 | 000,272,896 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpcpp5r1.DLL

[2002/08/29 06:41:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\jnwppr.dll

[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

[2007/12/10 09:00:00 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86

< End of report >

[Nzah]

BEGIN EXTRAS.TXT

=============

OTL Extras logfile created on: 10/1/2010 9:08:02 AM - Run 1

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\nzah****\Desktop

Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free

Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 275.14 Gb Total Space | 148.25 Gb Free Space | 53.88% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

Drive F: | 501.22 Mb Total Space | 220.33 Mb Free Space | 43.96% Space Free | Partition Type: FAT

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JUKLEOPT

Current User Name: nzah****

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.bat [@ = batfile] -- Reg Error: Key error. File not found

.cmd [@ = cmdfile] -- Reg Error: Key error. File not found

.com [@ = ComFile] -- Reg Error: Key error. File not found

.exe [@ = exefile] -- Reg Error: Key error. File not found

.hta [@ = htafile] -- Reg Error: Key error. File not found

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

.url [@ = InternetShortcut] -- Reg Error: Key error. File not found

.txt [@ = MECEdit.Document] -- Reg Error: Key error. File not found

.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

"135:TCP" = 135:TCP:*:Enabled:TCP Port 135

"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000

"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001

"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002

"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003

"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004

"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005

"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006

"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007

"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008

"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009

"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010

"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011

"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012

"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013

"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014

"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015

"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016

"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017

"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018

"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019

"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\setconfig.exe" = C:\OrCAD\OrCAD_10.5\setconfig.exe:*:Enabled:setconfig (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\updates.exe" = C:\OrCAD\OrCAD_10.5\updates.exe:*:Enabled:updates (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe:*:Enabled:cdsdoc (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe:*:Enabled:cdsinfo (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe:*:Enabled:cdsmps (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe:*:Enabled:cdsRemshClient (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe:*:Enabled:cdsRunHidden (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe:*:Enabled:cdsUnzip (Release OrCAD 10.5) -- (DataFocus, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe:*:Enabled:cdswhich (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe:*:Enabled:cdsZip (Release OrCAD 10.5) -- (DataFocus, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe:*:Enabled:cds_root (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe:*:Enabled:clsAdminTool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe:*:Enabled:clsbd (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe:*:Enabled:clu (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe:*:Enabled:cmfeedback (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe:*:Enabled:consmgr (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe:*:Enabled:dregprint (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe:*:Enabled:mpsinfo (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe:*:Enabled:nmp (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe:*:Enabled:nmppath (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\van.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\van.exe:*:Enabled:van (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe" = C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe:*:Enabled:versionviewer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe:*:Enabled:capture (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe:*:Enabled:comp16 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe:*:Enabled:pcadi (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe:*:Enabled:pstswp (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 10.5) -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe" = C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe:*:Enabled:sch2cap (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE" = C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE:*:Enabled:SETBROWS (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE" = C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE:*:Enabled:CAPTUTOR (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe" = C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe:*:Enabled:cdsdocIndexer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe" = C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe" = C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe:*:Enabled:cdsservipc (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe" = C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe:*:Enabled:skill (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe" = C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe:*:Enabled:skill_g (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe:*:Enabled:bodygen (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe:*:Enabled:cpmaccess (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe:*:Enabled:libaccess (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe:*:Enabled:mkdefcfg (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe:*:Enabled:newgenasym (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe:*:Enabled:projmgr (Release OrCAD 10.5) -- (Cadence Design Systems Inc)

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe:*:Enabled:psetup (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe" = C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe:*:Enabled:versiontool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe:*:Enabled:javaws-1_2_0_02-windows-i586-i (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe:*:Enabled:java (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe:*:Enabled:javaw (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe:*:Enabled:jpicpl32 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe:*:Enabled:keytool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe:*:Enabled:kinit (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe:*:Enabled:klist (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe:*:Enabled:ktab (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe:*:Enabled:orbd (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe:*:Enabled:policytool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe:*:Enabled:rmid (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe:*:Enabled:rmiregistry (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe:*:Enabled:servertool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe" = C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe:*:Enabled:tnameserv (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe:*:Enabled:gcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe:*:Enabled:gcam (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe:*:Enabled:gcdin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe:*:Enabled:idfin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe:*:Enabled:layout (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe:*:Enabled:libcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe:*:Enabled:lsession (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 10.5) -- (HyperLynx)

"C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe:*:Enabled:maxascb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe:*:Enabled:maxascx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 10.5) -- (OrCAD)

"C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe:*:Enabled:maxeco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxfnetx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxfnetx.exe:*:Enabled:maxfnetx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxminb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxminb.exe:*:Enabled:maxminb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxminw.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxminw.exe:*:Enabled:maxminw (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxminx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxminx.exe:*:Enabled:maxminx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxorcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxorcad.exe:*:Enabled:maxorcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxp99x.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxp99x.exe:*:Enabled:maxp99x (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxpadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxpadb.exe:*:Enabled:maxpadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxpadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxpadx.exe:*:Enabled:maxpadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadb.exe:*:Enabled:maxpcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadx.exe:*:Enabled:maxpcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxprotb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxprotb.exe:*:Enabled:maxprotb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxprotx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxprotx.exe:*:Enabled:maxprotx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxstrb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxstrb.exe:*:Enabled:maxstrb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxstrx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxstrx.exe:*:Enabled:maxstrx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxtangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxtangb.exe:*:Enabled:maxtangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\maxtangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\maxtangx.exe:*:Enabled:maxtangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\mfceco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\mfceco.exe:*:Enabled:mfceco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\orcadodb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\orcadodb.exe:*:Enabled:orcadodb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\padb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\padb.exe:*:Enabled:padb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\padx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\padx.exe:*:Enabled:padx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\pcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\pcadb.exe:*:Enabled:pcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\pcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\pcadx.exe:*:Enabled:pcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\pcb2max.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\pcb2max.exe:*:Enabled:pcb2max (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\prcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\prcat.exe:*:Enabled:prcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\protb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\protb.exe:*:Enabled:protb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\protx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\protx.exe:*:Enabled:protx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\searchTool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\searchTool.exe:*:Enabled:searchTool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\setbrows.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\setbrows.exe:*:Enabled:setbrows (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\specin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\specin.exe:*:Enabled:specin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\strb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\strb.exe:*:Enabled:strb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\strx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\strx.exe:*:Enabled:strx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\tangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\tangb.exe:*:Enabled:tangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\tangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\tangx.exe:*:Enabled:tangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\to386.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\to386.exe:*:Enabled:to386 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\toidf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\toidf.exe:*:Enabled:toidf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\tomax.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\tomax.exe:*:Enabled:tomax (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\tospec.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\tospec.exe:*:Enabled:tospec (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\update90.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\update90.exe:*:Enabled:update90 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\fonts\f2g.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\fonts\f2g.exe:*:Enabled:f2g (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\fonts\g2r.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\fonts\g2r.exe:*:Enabled:g2r (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\apstub.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\apstub.exe:*:Enabled:apstub (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\custaped.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\custaped.exe:*:Enabled:custaped (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\gerbline.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\gerbline.exe:*:Enabled:gerbline (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\gerbtool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\program\gerbtool.exe:*:Enabled:gerbtool (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\gtool\system\fixtbar.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\gtool\system\fixtbar.exe:*:Enabled:fixtbar (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\samples\demo\reset.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\samples\demo\reset.exe:*:Enabled:reset (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\sroute\batch32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\sroute\batch32.exe:*:Enabled:batch32 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout\sroute\sroute.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\sroute\sroute.exe:*:Enabled:sroute (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\tutorial\laytutor.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\tutorial\laytutor.exe:*:Enabled:laytutor (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout\vcadd\vcadd32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout\vcadd\vcadd32.exe:*:Enabled:vcadd32 (Release OrCAD 10.5) -- (OrCAD Corporation)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\fvupdateutil.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcad.exe:*:Enabled:gcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcam.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcam.exe:*:Enabled:gcam (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcdin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gcdin.exe:*:Enabled:gcdin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\idfin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\idfin.exe:*:Enabled:idfin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\ipc356.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\layout.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\layout.exe:*:Enabled:layout (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\libcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\libcat.exe:*:Enabled:libcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\lsession.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\lsession.exe:*:Enabled:lsession (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\max2hyp.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 10.5) -- (HyperLynx)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxascb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxascb.exe:*:Enabled:maxascb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxascx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxascx.exe:*:Enabled:maxascx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxdxf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 10.5) -- (OrCAD)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxeco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxeco.exe:*:Enabled:maxeco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxfnetx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxfnetx.exe:*:Enabled:maxfnetx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminb.exe:*:Enabled:maxminb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminw.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminw.exe:*:Enabled:maxminw (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxminx.exe:*:Enabled:maxminx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxorcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxorcad.exe:*:Enabled:maxorcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxp99x.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxp99x.exe:*:Enabled:maxp99x (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpadb.exe:*:Enabled:maxpadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpadx.exe:*:Enabled:maxpadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpcadb.exe:*:Enabled:maxpcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxpcadx.exe:*:Enabled:maxpcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxprotb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxprotb.exe:*:Enabled:maxprotb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxprotx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxprotx.exe:*:Enabled:maxprotx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxstrb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxstrb.exe:*:Enabled:maxstrb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxstrx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxstrx.exe:*:Enabled:maxstrx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxtangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxtangb.exe:*:Enabled:maxtangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxtangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\maxtangx.exe:*:Enabled:maxtangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\mfceco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\mfceco.exe:*:Enabled:mfceco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\orcadodb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\orcadodb.exe:*:Enabled:orcadodb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\padb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\padb.exe:*:Enabled:padb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\padx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\padx.exe:*:Enabled:padx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcadb.exe:*:Enabled:pcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcadx.exe:*:Enabled:pcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcb2max.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\pcb2max.exe:*:Enabled:pcb2max (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\prcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\prcat.exe:*:Enabled:prcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\protb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\protb.exe:*:Enabled:protb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\protx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\protx.exe:*:Enabled:protx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\searchTool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\searchTool.exe:*:Enabled:searchTool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\setbrows.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\setbrows.exe:*:Enabled:setbrows (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\specin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\specin.exe:*:Enabled:specin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\strb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\strb.exe:*:Enabled:strb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\strx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\strx.exe:*:Enabled:strx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tangb.exe:*:Enabled:tangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tangx.exe:*:Enabled:tangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\to386.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\to386.exe:*:Enabled:to386 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\toidf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\toidf.exe:*:Enabled:toidf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tomax.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tomax.exe:*:Enabled:tomax (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tospec.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tospec.exe:*:Enabled:tospec (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\update90.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\update90.exe:*:Enabled:update90 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\fonts\f2g.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\fonts\f2g.exe:*:Enabled:f2g (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\fonts\g2r.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\fonts\g2r.exe:*:Enabled:g2r (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\apstub.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\apstub.exe:*:Enabled:apstub (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\custaped.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\custaped.exe:*:Enabled:custaped (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\gerbline.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\gerbline.exe:*:Enabled:gerbline (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\gerbtool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\program\gerbtool.exe:*:Enabled:gerbtool (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\system\fixtbar.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\gtool\system\fixtbar.exe:*:Enabled:fixtbar (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\samples\demo\reset.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\samples\demo\reset.exe:*:Enabled:reset (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\sroute\batch32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\sroute\batch32.exe:*:Enabled:batch32 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\sroute\sroute.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\sroute\sroute.exe:*:Enabled:sroute (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tutorial\laytutor.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\tutorial\laytutor.exe:*:Enabled:laytutor (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\vcadd\vcadd32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_eng_ed\vcadd\vcadd32.exe:*:Enabled:vcadd32 (Release OrCAD 10.5) -- (OrCAD Corporation)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\fvupdateutil.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcad.exe:*:Enabled:gcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcam.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcam.exe:*:Enabled:gcam (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcdin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gcdin.exe:*:Enabled:gcdin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\idfin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\idfin.exe:*:Enabled:idfin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\ipc356.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\layout.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\layout.exe:*:Enabled:layout (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\libcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\libcat.exe:*:Enabled:libcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\lsession.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\lsession.exe:*:Enabled:lsession (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\max2hyp.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 10.5) -- (HyperLynx)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxascb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxascb.exe:*:Enabled:maxascb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxascx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxascx.exe:*:Enabled:maxascx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxdxf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 10.5) -- (OrCAD)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxeco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxeco.exe:*:Enabled:maxeco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxfnetx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxfnetx.exe:*:Enabled:maxfnetx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminb.exe:*:Enabled:maxminb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminw.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminw.exe:*:Enabled:maxminw (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxminx.exe:*:Enabled:maxminx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxorcad.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxorcad.exe:*:Enabled:maxorcad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxp99x.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxp99x.exe:*:Enabled:maxp99x (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpadb.exe:*:Enabled:maxpadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpadx.exe:*:Enabled:maxpadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpcadb.exe:*:Enabled:maxpcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxpcadx.exe:*:Enabled:maxpcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxprotb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxprotb.exe:*:Enabled:maxprotb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxprotx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxprotx.exe:*:Enabled:maxprotx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxstrb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxstrb.exe:*:Enabled:maxstrb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxstrx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxstrx.exe:*:Enabled:maxstrx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxtangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxtangb.exe:*:Enabled:maxtangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxtangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\maxtangx.exe:*:Enabled:maxtangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\mfceco.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\mfceco.exe:*:Enabled:mfceco (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\orcadodb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\orcadodb.exe:*:Enabled:orcadodb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\padb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\padb.exe:*:Enabled:padb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\padx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\padx.exe:*:Enabled:padx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcadb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcadb.exe:*:Enabled:pcadb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcadx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcadx.exe:*:Enabled:pcadx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcb2max.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\pcb2max.exe:*:Enabled:pcb2max (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\prcat.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\prcat.exe:*:Enabled:prcat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\protb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\protb.exe:*:Enabled:protb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\protx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\protx.exe:*:Enabled:protx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\searchTool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\searchTool.exe:*:Enabled:searchTool (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\setbrows.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\setbrows.exe:*:Enabled:setbrows (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\specin.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\specin.exe:*:Enabled:specin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\strb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\strb.exe:*:Enabled:strb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\strx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\strx.exe:*:Enabled:strx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\tangb.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\tangb.exe:*:Enabled:tangb (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\tangx.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\tangx.exe:*:Enabled:tangx (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\to386.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\to386.exe:*:Enabled:to386 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\toidf.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\toidf.exe:*:Enabled:toidf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\tomax.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\tomax.exe:*:Enabled:tomax (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\tospec.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\tospec.exe:*:Enabled:tospec (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\update90.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\update90.exe:*:Enabled:update90 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\fonts\f2g.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\fonts\f2g.exe:*:Enabled:f2g (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\fonts\g2r.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\fonts\g2r.exe:*:Enabled:g2r (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\apstub.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\apstub.exe:*:Enabled:apstub (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\custaped.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\custaped.exe:*:Enabled:custaped (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\gerbline.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\gerbline.exe:*:Enabled:gerbline (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\gerbtool.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\program\gerbtool.exe:*:Enabled:gerbtool (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\system\fixtbar.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\gtool\system\fixtbar.exe:*:Enabled:fixtbar (Release OrCAD 10.5) -- (WISE Software Solutions, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\samples\demo\reset.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\samples\demo\reset.exe:*:Enabled:reset (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\sroute\batch32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\sroute\batch32.exe:*:Enabled:batch32 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\sroute\sroute.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\sroute\sroute.exe:*:Enabled:sroute (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\tutorial\laytutor.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\tutorial\laytutor.exe:*:Enabled:laytutor (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\layout_plus\vcadd\vcadd32.exe" = C:\OrCAD\OrCAD_10.5\tools\layout_plus\vcadd\vcadd32.exe:*:Enabled:vcadd32 (Release OrCAD 10.5) -- (OrCAD Corporation)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\a2dxf.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\a2dxf.exe:*:Enabled:a2dxf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\a2sdf.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\a2sdf.exe:*:Enabled:a2sdf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\aconvmap.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\aconvmap.exe:*:Enabled:aconvmap (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\allegro.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\allegro.exe:*:Enabled:allegro (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\allegro_free_viewer.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\allegro_free_viewer.exe:*:Enabled:allegro_free_viewer (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\aprepmap.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\aprepmap.exe:*:Enabled:aprepmap (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\artwork.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\artwork.exe:*:Enabled:artwork (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ashowmap.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ashowmap.exe:*:Enabled:ashowmap (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\batch_drc.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\batch_drc.exe:*:Enabled:batch_drc (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\bbvia.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\bbvia.exe:*:Enabled:bbvia (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\bem2d.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\bem2d.exe:*:Enabled:bem2d (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\brd2dml.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\brd2dml.exe:*:Enabled:brd2dml (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\cns_report.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\cns_report.exe:*:Enabled:cns_report (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\create_devices.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\create_devices.exe:*:Enabled:create_devices (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\create_sym.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\create_sym.exe:*:Enabled:create_sym (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor.exe:*:Enabled:dbdoctor (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor14.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor14.exe:*:Enabled:dbdoctor14 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor_ui.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbdoctor_ui.exe:*:Enabled:dbdoctor_ui (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix11.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix11.exe:*:Enabled:dbfix11 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix12.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix12.exe:*:Enabled:dbfix12 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix13.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbfix13.exe:*:Enabled:dbfix13 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbstat.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dbstat.exe:*:Enabled:dbstat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dfa_dlg.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dfa_dlg.exe:*:Enabled:dfa_dlg (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dfa_update.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dfa_update.exe:*:Enabled:dfa_update (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dml2brd.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dml2brd.exe:*:Enabled:dml2brd (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dmlcheck.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dmlcheck.exe:*:Enabled:dmlcheck (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dmlcrypt.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dmlcrypt.exe:*:Enabled:dmlcrypt (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\downrev_library.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\downrev_library.exe:*:Enabled:downrev_library (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\draw_check.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\draw_check.exe:*:Enabled:draw_check (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dump_libraries.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dump_libraries.exe:*:Enabled:dump_libraries (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dxf2a.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\dxf2a.exe:*:Enabled:dxf2a (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ecl_schedule.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ecl_schedule.exe:*:Enabled:ecl_schedule (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\enved.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\enved.exe:*:Enabled:enved (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\explot.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\explot.exe:*:Enabled:explot (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\extracta.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\extracta.exe:*:Enabled:extracta (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\flash_convert.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\flash_convert.exe:*:Enabled:flash_convert (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\fpbrowse.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\fpbrowse.exe:*:Enabled:fpbrowse (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\FSvia.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\FSvia.exe:*:Enabled:FSvia (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\FSviaSolver.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\FSviaSolver.exe:*:Enabled:FSviaSolver (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ftsmerge.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ftsmerge.exe:*:Enabled:ftsmerge (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\gbplot.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\gbplot.exe:*:Enabled:gbplot (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\genfeedformat.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\genfeedformat.exe:*:Enabled:genfeedformat (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\genrad.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\genrad.exe:*:Enabled:genrad (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\gloss.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\gloss.exe:*:Enabled:gloss (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibis2signoise.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibis2signoise.exe:*:Enabled:ibis2signoise (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibischk3.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibischk3.exe:*:Enabled:ibischk3 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibischk4.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ibischk4.exe:*:Enabled:ibischk4 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\idf_in.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\idf_in.exe:*:Enabled:idf_in (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\idf_out.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\idf_out.exe:*:Enabled:idf_out (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\iges_in.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\iges_in.exe:*:Enabled:iges_in (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\iges_out.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\iges_out.exe:*:Enabled:iges_out (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\il_allegro.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\il_allegro.exe:*:Enabled:il_allegro (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ipc356_out.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ipc356_out.exe:*:Enabled:ipc356_out (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\j2script.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\j2script.exe:*:Enabled:j2script (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\lis2buf.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\lis2buf.exe:*:Enabled:lis2buf (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mbs2lib.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mbs2lib.exe:*:Enabled:mbs2lib (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mergedml.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mergedml.exe:*:Enabled:mergedml (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mkdeviceindex.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\mkdeviceindex.exe:*:Enabled:mkdeviceindex (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\modelintegrity.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\modelintegrity.exe:*:Enabled:modelintegrity (Release OrCAD 10.5) -- (Cadence Design Systems)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\modelsim.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\modelsim.exe:*:Enabled:modelsim (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ncroute.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ncroute.exe:*:Enabled:ncroute (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\nctape.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\nctape.exe:*:Enabled:nctape (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\netin.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\netin.exe:*:Enabled:netin (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\netrev.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\netrev.exe:*:Enabled:netrev (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pads_in.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pads_in.exe:*:Enabled:pads_in (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pad_designer.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pad_designer.exe:*:Enabled:pad_designer (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\parallel.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\parallel.exe:*:Enabled:parallel (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pcad_in.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pcad_in.exe:*:Enabled:pcad_in (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pe_wordpad.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pe_wordpad.exe:*:Enabled:pe_wordpad (Release OrCAD 10.5) -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\placement.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\placement.exe:*:Enabled:placement (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\plctxt.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\plctxt.exe:*:Enabled:plctxt (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pre_check.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\pre_check.exe:*:Enabled:pre_check (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\productServer.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\productServer.exe:*:Enabled:productServer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\quad2signoise.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\quad2signoise.exe:*:Enabled:quad2signoise (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\qvupdate.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\qvupdate.exe:*:Enabled:qvupdate (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_padstack.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_padstack.exe:*:Enabled:refresh_padstack (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_symbol.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_symbol.exe:*:Enabled:refresh_symbol (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_vs.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\refresh_vs.exe:*:Enabled:refresh_vs (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\reftxt.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\reftxt.exe:*:Enabled:reftxt (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\report.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\report.exe:*:Enabled:report (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\signoise.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\signoise.exe:*:Enabled:signoise (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigwave.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigwave.exe:*:Enabled:sigwave (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigwave_sc.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigwave_sc.exe:*:Enabled:sigwave_sc (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigxp.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigxp.exe:*:Enabled:sigxp (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigxsect.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sigxsect.exe:*:Enabled:sigxsect (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spc2dml.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spc2dml.exe:*:Enabled:spc2dml (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spc2spc.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spc2spc.exe:*:Enabled:spc2spc (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spif.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spif.exe:*:Enabled:spif (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spif_batch.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\spif_batch.exe:*:Enabled:spif_batch (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\swap.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\swap.exe:*:Enabled:swap (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\systemdump.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\systemdump.exe:*:Enabled:systemdump (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sys_root.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\sys_root.exe:*:Enabled:sys_root (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile.exe:*:Enabled:techfile (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile13.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile13.exe:*:Enabled:techfile13 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile14.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\techfile14.exe:*:Enabled:techfile14 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\tlp2.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\tlp2.exe:*:Enabled:tlp2 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\tlsim.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\tlsim.exe:*:Enabled:tlsim (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ts2dml.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\ts2dml.exe:*:Enabled:ts2dml (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\uprev.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\uprev.exe:*:Enabled:uprev (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pcb\bin\zrouter.exe" = C:\OrCAD\OrCAD_10.5\tools\pcb\bin\zrouter.exe:*:Enabled:zrouter (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\perl5\bin\perl.exe" = C:\OrCAD\OrCAD_10.5\tools\perl5\bin\perl.exe:*:Enabled:perl (Release OrCAD 10.5) -- (hip communications inc.)

"C:\OrCAD\OrCAD_10.5\tools\perl5\bin\perlglob.exe" = C:\OrCAD\OrCAD_10.5\tools\perl5\bin\perlglob.exe:*:Enabled:perlglob (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\perl5\ntt\cmd32.exe" = C:\OrCAD\OrCAD_10.5\tools\perl5\ntt\cmd32.exe:*:Enabled:cmd32 (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\appmgr.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\appmgr.exe:*:Enabled:appmgr (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pspice\IndiceFileGeneration.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\IndiceFileGeneration.exe:*:Enabled:IndiceFileGeneration (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\lxcwin.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\lxcwin.exe:*:Enabled:lxcwin (Release OrCAD 10.5) -- (MicroSim Corporation)

"C:\OrCAD\OrCAD_10.5\tools\pspice\Magneticdesigner.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\Magneticdesigner.exe:*:Enabled:Magneticdesigner (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\modeled.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\modeled.exe:*:Enabled:modeled (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pspice\MrkSrvr.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\MrkSrvr.exe:*:Enabled:MrkSrvr (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\msgview.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\msgview.exe:*:Enabled:msgview (Release OrCAD 10.5) -- (Cadence Design Systems)

"C:\OrCAD\OrCAD_10.5\tools\pspice\optimize.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\optimize.exe:*:Enabled:optimize (Release OrCAD 10.5) -- (Cadence Design System)

"C:\OrCAD\OrCAD_10.5\tools\pspice\PDesign.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\PDesign.exe:*:Enabled:PDesign (Release OrCAD 10.5) -- (Cadence Design Systems)

"C:\OrCAD\OrCAD_10.5\tools\pspice\psched.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\psched.exe:*:Enabled:psched (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\pspice.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\pspice.exe:*:Enabled:pspice (Release OrCAD 10.5) -- (Cadence Design Systems)

"C:\OrCAD\OrCAD_10.5\tools\pspice\pspiceaa.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\pspiceaa.exe:*:Enabled:pspiceaa (Release OrCAD 10.5) -- (Cadence Design Systems)

"C:\OrCAD\OrCAD_10.5\tools\pspice\pspiceexplorersrvr.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\psp_cmd.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\psp_cmd.exe:*:Enabled:psp_cmd (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\regsvr32.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 10.5) -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\tools\pspice\simmgr.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\simmgr.exe:*:Enabled:simmgr (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\pspice\simsrvr.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\simsrvr.exe:*:Enabled:simsrvr (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\pspice\stmed.exe" = C:\OrCAD\OrCAD_10.5\tools\pspice\stmed.exe:*:Enabled:stmed (Release OrCAD 10.5) -- (Cadence Design System)

"C:\OrCAD\OrCAD_10.5\tools\specctra\bin\specctra.exe" = C:\OrCAD\OrCAD_10.5\tools\specctra\bin\specctra.exe:*:Enabled:specctra (Release OrCAD 10.5) -- (Cadence Design Systems, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\verity\bin\cdsdocIndexer.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\bin\cdsdocIndexer.exe:*:Enabled:cdsdocIndexer (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\merge.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\merge.exe:*:Enabled:merge (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\mkvdk.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\mkvdk.exe:*:Enabled:mkvdk (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\search.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\search.exe:*:Enabled:search (Release OrCAD 10.5) -- (Verity, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\setup.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\setup.exe:*:Enabled:setup (Release OrCAD 10.5) -- (Verity, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\v_uninst.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\bin\v_uninst.exe:*:Enabled:v_uninst (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\callback.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\callback.exe:*:Enabled:callback (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\filter.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\filter.exe:*:Enabled:filter (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\htmlini.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\htmlini.exe:*:Enabled:htmlini (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\htmserv.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\htmserv.exe:*:Enabled:htmserv (Release OrCAD 10.5) -- (Verity, Inc.)

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\index.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\index.exe:*:Enabled:index (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\jstree.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\jstree.exe:*:Enabled:jstree (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\jvtree.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\jvtree.exe:*:Enabled:jvtree (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\kvoop.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\kvoop.exe:*:Enabled:kvoop (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\regsvr32.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 10.5) -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\summary.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\summary.exe:*:Enabled:summary (Release OrCAD 10.5) -- ()

"C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\viewers\amovie.exe" = C:\OrCAD\OrCAD_10.5\tools\verity\_nti40\filters\viewers\amovie.exe:*:Enabled:amovie (Release OrCAD 10.5) -- (Microsoft Corporation)

"C:\OrCAD\OrCAD_10.5\tools\specctra\bin\specctra.com" = C:\OrCAD\OrCAD_10.5\tools\specctra\bin\specctra.com:*:Enabled:specctra (Release OrCAD 10.5) -- ()

"C:\Program Files\Ansoft\HFSS12\hfss.exe" = C:\Program Files\Ansoft\HFSS12\hfss.exe:*:Enabled:Ansoft HFSS 12 -- (Ansoft LLC)

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[Nzah]

========== Files Created - No Company Name ==========

[2010/10/01 09:03:59 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\RKUnhookerLE.EXE

[2010/09/30 13:49:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/09/30 13:49:16 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2010/09/30 13:44:37 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/09/30 13:44:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/09/30 13:44:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/09/30 13:44:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/09/30 13:44:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/09/30 13:37:45 | 003,858,414 | R--- | C] () -- C:\Documents and Settings\nzahirov\Desktop\ComboFix.exe

[2010/09/30 09:01:18 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll

[2010/09/30 09:01:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe

[2010/09/30 09:00:55 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2010/09/30 08:50:48 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax

[2010/09/30 08:50:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll

[2010/09/30 08:50:39 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2010/09/30 08:50:39 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2010/09/30 08:46:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax

[2010/09/30 08:45:12 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2010/09/30 08:45:09 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2010/09/30 08:44:07 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2010/09/30 08:42:18 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll

[2010/09/30 08:42:13 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll

[2010/09/30 08:42:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll

[2010/09/30 08:42:02 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll

[2010/09/30 08:41:57 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll

[2010/09/30 08:41:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2010/09/30 08:39:03 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll

[2010/09/30 08:39:02 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll

[2010/09/30 08:39:01 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll

[2010/09/30 08:37:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2010/09/30 08:37:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2010/09/30 08:37:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2010/09/30 08:37:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2010/09/30 08:37:10 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2010/09/30 08:37:10 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2010/09/30 08:37:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2010/09/30 08:37:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2010/09/30 08:37:09 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2010/09/30 08:37:04 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2010/09/30 08:37:03 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2010/09/30 08:37:03 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2010/09/30 08:37:03 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2010/09/30 08:37:03 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2010/09/30 08:37:02 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2010/09/30 08:37:02 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2010/09/30 08:36:58 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2010/09/30 08:36:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2010/09/30 08:36:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2010/09/30 08:36:57 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2010/09/30 08:36:57 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2010/09/30 08:36:57 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2010/09/30 08:36:43 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2010/09/30 08:36:41 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2010/09/30 08:36:30 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys

[2010/09/30 08:36:29 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys

[2010/09/30 08:36:29 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys

[2010/09/30 08:36:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys

[2010/09/30 08:36:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys

[2010/09/30 08:36:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys

[2010/09/30 08:36:26 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys

[2010/09/30 08:36:26 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys

[2010/09/30 08:36:24 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys

[2010/09/30 08:36:20 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys

[2010/09/30 07:59:09 | 3211,046,912 | -HS- | C] () -- C:\hiberfil.sys

[2010/09/29 14:52:24 | 141,302,368 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\ICP420.exe

[2010/09/29 13:07:10 | 379,430,944 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\visa462full.exe

[2010/09/28 21:57:08 | 000,059,205 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Marking Scheme F2010.pdf

[2010/09/28 21:56:15 | 000,012,015 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Marking Scheme F2010.docx

[2010/09/28 21:06:27 | 000,142,673 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Unfiled Notes.pdf

[2010/09/28 17:05:49 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Measurement & Automation.lnk

[2010/09/27 20:23:48 | 000,002,058 | ---- | C] () -- C:\Documents and Settings\nzahirov\.recently-used.xbel

[2010/09/16 04:12:04 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\HijackThis.lnk

[2010/08/25 21:21:50 | 000,000,024 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2010/08/20 08:49:09 | 001,044,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/07/09 14:43:04 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\usbiun2k.ini

[2010/07/09 11:16:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nidmfpan.ini

[2010/06/10 14:46:20 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\nirpc.ini

[2010/06/02 18:44:54 | 000,003,520 | ---- | C] () -- C:\WINDOWS\System32\nipalpg.dll

[2009/11/16 20:56:50 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll

[2009/11/16 20:56:50 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll

[2009/11/16 20:56:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\maplecompat.dll

[2009/11/12 10:10:43 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\analyzer.set

[2009/10/21 09:29:45 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tmpFF.log

[2009/10/05 09:24:33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PerformaxCom.dll

[2009/09/16 17:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll

[2009/08/03 10:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys

[2009/07/31 14:13:44 | 000,000,069 | ---- | C] () -- C:\WINDOWS\pxisys.ini

[2009/07/31 14:13:44 | 000,000,030 | ---- | C] () -- C:\WINDOWS\pxiesys.ini

[2009/07/07 11:47:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI

[2009/06/17 10:26:12 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tmp62.log

[2009/05/11 01:22:43 | 000,004,005 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\Comma Separated Values (Windows).NOT

[2009/05/11 00:55:12 | 000,029,246 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\Comma Separated Values (Windows).ADR

[2009/02/09 17:48:24 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2009/01/12 22:55:58 | 000,000,146 | ---- | C] () -- C:\WINDOWS\capture.INI

[2009/01/12 22:44:18 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/01/12 22:40:48 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL

[2009/01/12 22:37:44 | 000,903,168 | ---- | C] () -- C:\WINDOWS\System32\mitmdl30.dll

[2009/01/12 22:37:43 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll

[2009/01/12 22:37:43 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll

[2009/01/12 22:37:43 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll

[2009/01/12 22:37:43 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll

[2009/01/12 22:37:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll

[2009/01/12 22:37:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll

[2009/01/12 22:37:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll

[2009/01/12 22:37:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll

[2009/01/12 22:37:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll

[2009/01/12 22:37:43 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll

[2009/01/12 22:37:43 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll

[2009/01/12 22:37:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll

[2009/01/12 22:37:42 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll

[2009/01/12 22:37:42 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll

[2009/01/12 21:57:24 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\PUTTY.RND

[2008/11/03 11:11:22 | 003,821,568 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\filesync.metadata

[2008/10/28 22:33:46 | 000,006,923 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\PrimoPDFSet.xml

[2008/10/28 22:29:28 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll

[2008/10/01 12:33:48 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\IntegMotorCANComm.dll

[2008/09/15 20:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008/09/15 20:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008/09/15 20:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008/09/15 20:11:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008/09/08 23:25:34 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI

[2008/09/08 23:19:34 | 000,021,240 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll

[2008/09/08 23:19:34 | 000,013,560 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll

[2008/09/08 21:39:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\PUTTY.RND

[2008/08/09 17:55:52 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2008/08/09 17:55:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2008/08/09 17:55:47 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008/08/09 17:55:46 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2008/08/09 17:55:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008/08/09 17:55:42 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008/06/23 15:18:05 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/06/12 14:11:46 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini

[2008/06/12 14:11:09 | 000,000,639 | ---- | C] () -- C:\WINDOWS\Powerplayer.ini

[2008/06/12 14:11:04 | 000,000,693 | ---- | C] () -- C:\WINDOWS\psnetwork.ini

[2008/06/08 09:25:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\linecalc.INI

[2008/06/05 23:57:03 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\fusioncache.dat

[2008/05/26 23:42:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ads.INI

[2008/05/25 11:13:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI

[2008/05/15 09:18:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/05/15 08:40:19 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2008/05/15 08:40:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll

[2008/05/15 08:37:57 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS

[2008/05/15 08:36:49 | 000,106,496 | ---- | C] () -- C:\WINDOWS\stkbtnpn.dll

[2008/05/15 08:35:46 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[2008/04/28 12:13:33 | 000,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini

[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2007/07/27 02:37:40 | 000,025,341 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI

[2007/07/27 02:37:29 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI

[2007/07/19 03:13:22 | 000,049,696 | ---- | C] () -- C:\WINDOWS\System32\nispdu.dll

[2007/07/19 02:32:30 | 000,049,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\nispdk.dll

[2007/07/19 02:32:24 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\niscdrau.dll

[2007/07/18 15:17:24 | 000,066,080 | ---- | C] () -- C:\WINDOWS\System32\cfswitch.dll

[2007/04/16 17:22:06 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\nipxiini.dll

[2007/04/16 16:52:36 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\niidaqlv.dll

[2006/09/14 12:59:23 | 001,490,999 | ---- | C] () -- C:\WINDOWS\System32\tkbtnpn1.dll

[2006/09/12 15:45:14 | 000,012,653 | ---- | C] () -- C:\WINDOWS\System32\GPIB.DLL

[2006/09/05 17:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL

[2006/06/13 16:35:32 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[2006/04/30 19:36:03 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2002/02/27 11:41:28 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll

[2002/02/27 11:41:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll

[2002/02/27 11:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll

[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[1999/11/04 11:00:38 | 000,001,840 | ---- | C] () -- C:\WINDOWS\System32\niidaqs.dll

========== LOP Check ==========

[2009/07/07 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

[2009/11/02 10:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes

[2009/09/02 16:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS

[2010/09/28 20:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IVI Foundation

[2009/08/18 10:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo

[2010/09/29 13:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments

[2010/06/26 10:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF

[2008/09/08 23:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments

[2008/08/09 14:22:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2008/05/15 08:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB

[2009/08/13 06:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2009/09/09 22:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/08/19 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Avaya

[2009/05/11 00:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Blackberry Desktop

[2010/03/26 00:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\BOXEE

[2009/10/07 08:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\CMC MicroSystems

[2009/03/19 23:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2009/07/07 10:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\DAEMON Tools Lite

[2009/11/02 10:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\DassaultSystemes

[2010/06/26 10:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Downloaded Installations

[2009/07/07 11:48:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\DWGeditor

[2010/08/11 11:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\FileZilla

[2010/05/17 20:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\gtk-2.0

[2008/10/04 15:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Inkscape

[2008/11/03 15:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Intervideo

[2010/08/22 21:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Leadertech

[2009/08/18 10:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Lenovo

[2009/11/16 23:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Maple

[2010/06/26 10:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Nitro PDF

[2008/06/13 14:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\ppStream

[2008/08/08 22:33:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Publish Providers

[2009/05/11 00:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Research In Motion

[2009/02/22 21:30:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\SolidDocuments

[2008/08/08 22:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Sony

[2008/08/08 21:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Sony Setup

[2008/09/08 20:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\StarNet

[2008/12/16 16:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\SumatraPDF

[2009/12/29 10:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\SystemRequirementsLab

[2010/09/26 19:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\uTorrent

[2009/08/06 10:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\webex

[2009/11/13 12:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Windows Search

[2010/09/30 17:02:34 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

[2010/09/30 17:00:58 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job

========== Purity Check ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:

[Nzah]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0087583F-1ED8-4A92-88A4-D49DCD56FC6B}" = NI Circuit Design Suite 10 Core

"{00D0E2A8-E43E-480E-B9D1-E22C9C1D2F72}" = NI-DAQ C and VB6 API

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)

"{01CF3725-EE33-4308-BBF9-90BF6AC43814}" = NI Logos 5.2.0

"{01E47856-B1A1-4B69-A0DF-714942D5E4E8}" = NI-MDBG 1.7.0f0 for Phar Lap ETS

"{01EDE5EB-64AB-4C69-83C7-A4E40C791B3E}" = NI LabVIEW 2010 Simulation

"{0285C8EA-A48F-4EAF-A485-69C46C464271}" = NI LabVIEW 8.5 VI.lib

"{03148858-69DC-4143-8CA0-12972E5922F8}" = NI LabVIEW 2010

"{0326ECD9-FA62-4D9E-9C2E-148E61F7039F}" = Sonnet 12.56

"{035456F9-982A-49C0-A8D8-E9C0FEA659E4}" = NI-Serial 3.3

"{03B96C48-4001-46C7-AA89-6D8C5C32A5B8}" = NI Variable Manager

"{03BF551E-8F4B-463D-A859-B606AB984554}" = NI CompactRIO 2.3.1

"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)

"{03FECA97-52A3-4079-937E-7840EE4FF52C}" = NI Web Application Server 1.0

"{04003739-4638-4213-9E1F-3E0385D2E70C}" = NI Logos Support for LabVIEW Real-Time

"{0551E151-A312-44B2-956D-32715A988EB8}" = NI-PAL 2.1.0f1 for Phar Lap ETS

"{05DA0832-0D81-4B7E-A033-6B5DA95DB93A}" = NI PXI Platform Services 2.5.2 for LabVIEW Real-Time

"{061AE98B-178A-4143-A52A-68ED9279644D}" = NI Legacy DAQmxRF

"{0633AAD6-4FBD-4F94-A420-FE5FAC85FD24}" = NI-Serial 3.3 MAX Provider

"{06BF046D-7CDE-495B-82F3-52E185DC0714}" = NI LabVIEW SignalExpress 2010 LabVIEW Support

"{06E94DFA-ECCE-4A6D-BDCA-1F00D030B0C0}" = NI LabVIEW Merge Utility 10.0.0

"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour

"{0759CACC-6CF9-4C3C-92C5-39668679AB16}" = Microsoft Ink Desktop

"{076A4ADF-5FBD-4BE3-A39D-0F0139FCCD78}" = NI Installer for Xilinx Tools 6

"{078A5D0D-BF50-4BB1-89FB-1018391E9F06}" = NI LabVIEW 2010

"{08133ED0-B6EB-49CD-B0EF-60502E41D15E}" = NI Xerces Delay Load 2.7.1

"{09860281-0D72-418B-B691-CADCE0AF2192}" = NI Assistant Framework LabVIEW 2010 Support

"{0998FE6E-B0B5-4DF0-8383-42AAE3FEDAC3}" = NI LabVIEW Real-Time files for cRIO-900x (705F)

"{0A0FF37C-514F-4965-8D5E-A424B6D01742}" = NI-SCOPE 3.3.2

"{0AAB121C-8EA7-49F5-B37C-DF117FB46771}" = NI LabVIEW Run-Time Engine 2009 SP1

"{0B7F1849-865F-457A-AC37-7D7A32287991}" = NI LabVIEW Real-Time Support for PXI-8156B and 817x (E002)

"{0B9E27C7-9ECD-4362-B311-030EA48F8E72}" = Crystal XI

"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support

"{0CAD092C-5D1E-48AD-A845-E1EBA9AF1AF8}" = Tablet PC Tutorials for Microsoft Windows XP SP2

"{0CF669FF-D168-4CA3-8D9B-E5B74C192E88}" = NI Variable Engine LabVIEW 2010 Support

"{0D3F2D86-F2F2-4B05-BB46-83C15DC88CD1}" = NI LabVIEW 2010 Real-Time Error Dialog

"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0

"{0D55A96E-61D3-448E-AC78-0C01F921D7BF}" = NI-VISA GPIB-VXI (Legacy) Passport 5.0.0

"{0D679CB2-66E1-4B13-AFBF-E2A6E6D48DFC}" = NI IVI hp33120a Driver

"{0D77EC38-3091-40AE-A028-3C7BBEB0FC09}" = NI LabVIEW 8.5 License

"{0E0DBEB6-AD30-4F1B-9EDC-C330EB4FB1B0}" = NI LabVIEW Real-Time Support for cFP-21xx (7115)

"{0F7038A9-4CA2-4A63-B4F4-D3DB79B089D4}" = NI-Serial 3.3 Help

"{0FA913CA-3064-4FAF-9C59-94EC94B59EE5}" = NI BIOS Updater

"{0FB31DF8-38DF-4C9D-B313-AFAFC3FBA02B}" = NI LVBrokerAux 8.2.1

"{0FCE0BA9-8AD4-4622-9ADF-EFF0355EEAE7}" = NI LabVIEW Run-Time Engine Interop 2009

"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1

"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message

"{112FE5D5-EB7A-4795-B906-79FB08E936C6}" = NI-RPC 4.2.0f0 for Phar Lap ETS

"{11A52F80-21E6-41F4-BFE9-CB3B2DC389E2}" = NI Variable Engine Serial Support RT

"{122E90F8-A899-4225-AA82-94CBA2AEA98D}" = NI LabVIEW 8.5 Examples

"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility

"{12B5EBC4-D764-4C37-89D0-BD5A89BCCD44}" = NI Variable Engine Serial Support

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{14081443-583A-4605-BB91-83D38ADAC939}" = Microsoft Windows XP Tablet PC Edition 2005 Recognizer Pack

"{1538B06D-3F62-4622-B9D2-27B894C3496C}" = NI LVBrokerAux 8.5.0

"{155156B0-7C04-47A2-9CB4-D395DC4F1595}" = NI LabVIEW 8.5 FPGA Realtime Support

"{15B05C75-6B0C-4969-BD33-C9B8FBEFA251}" = NI LabVIEW 2010 License

"{1621361B-A165-4ABF-AB5D-86EA36E5C861}" = NI LabVIEW Modulation Toolkit 4.0

"{1692ADD0-675A-45B5-A095-9D427944E01F}" = NI LabVIEW 2010 Control Design and Simulation Module

"{1759CACC-6CF9-4C3C-92C5-39668679AB17}" = Microsoft Ink Crossword

"{1767C198-96AA-4D7C-B4DD-C34165607E7D}" = NI-Intel8254x for LabVIEW Real-Time

"{18B7064D-EAA8-44C4-8977-99EE4B21F68C}" = NI cRIO-910x Core

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{19F59734-0740-49E6-818D-53C1CA6B4ABE}" = NI System State Publisher

"{1C523A18-9AAF-422F-A494-96D2ABF0D19E}" = NI LabVIEW Simulation Module Shared Files

"{1C7A57F9-94F1-4A92-A7E6-41C2BB42CA05}" = NI LabVIEW Real-Time Support for cRIO-901x (718F)

"{1C885277-8F54-4C07-8E2B-05DE800A07E7}" = NI SCXI 1.8.1

"{1CF99BB2-C257-49A9-A5AB-078132CFFFC5}" = NI-STE10/100A 2.1.0f2 for Phar Lap ETS

"{1D1C5997-8531-4B48-9467-1754022FB265}" = NI PXI Platform Services 2.5.2 Expert

"{1E5C217C-FEE5-4A54-8A07-F6308D112CB3}" = NI MXS 4.7.0

"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime

"{20F02F78-9022-4E29-9094-08221E287D29}" = NI LabVIEW SignalExpress 2010 Datatypes LabVIEW 2010 Support

"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = ThinkPad Keyboard Customizer Utility

"{2158570A-D8E4-4A40-9AE4-92FC1E3BC223}" = NI Real-Time Execution Trace Toolkit

"{216886AA-525A-4E20-A845-EBB75FB5AD1E}" = NI PXI-5660 Support

"{21DFC7B6-3C9E-4D37-AA0A-4C75EE72E745}" = NI-RIO 2.3.1 driver for Real-Time Embedded Targets

"{21EF2C48-A06F-4001-8E0B-72DCA779860F}" = NI DataSocket 4.8

"{221861B8-D133-4377-803D-F005EB2B733C}" = NI LVBrokerAux1071

"{2254CBFE-56BB-47BD-9958-5103AA58C5F7}" = NI System Web Server Base 1.0

"{22AA7895-4A04-46C9-8C61-5EE6E4A4A999}" = NI CompactRIO Module Software 2.3.1

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{2461AEFD-6597-4B5F-9174-754B9DB56091}" = NI LabVIEW 8.5 Project

"{24D0A76F-34E1-43F7-B972-0608518CD2A7}" = Release OrCAD 10.5

"{24D2C6D6-B47C-4B27-BDD7-EE70F745E78A}" = NI-RIO 2.3.1

"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype

[kahdah]

Yes post the Combofix log please.

[Nzah]

ComboFix 10-09-29.04 - nzahirov 09/30/2010 14:03:30.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2248 [GMT -4:00]

Running from: c:\documents and settings\nzahirov\Desktop\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\nzahirov\Local Settings\Application Data\{B54B5AE6-CB17-4BC6-80EC-5A5475ED9500}

c:\documents and settings\nzahirov\Local Settings\Application Data\{B54B5AE6-CB17-4BC6-80EC-5A5475ED9500}\chrome.manifest

c:\documents and settings\nzahirov\Local Settings\Application Data\{B54B5AE6-CB17-4BC6-80EC-5A5475ED9500}\chrome\content\_cfg.js

c:\documents and settings\nzahirov\Local Settings\Application Data\{B54B5AE6-CB17-4BC6-80EC-5A5475ED9500}\chrome\content\overlay.xul

c:\documents and settings\nzahirov\Local Settings\Application Data\{B54B5AE6-CB17-4BC6-80EC-5A5475ED9500}\install.rdf

c:\documents and settings\nzahirov\Local Settings\Application Data\Windows Server

c:\documents and settings\nzahirov\Local Settings\Application Data\Windows Server\server.dat

C:\Documents

c:\windows\system32\debug_log.scr

c:\windows\system32\drivers\yonrfjde.sys

c:\windows\system32\Thumbs.db

c:\windows\system32\drivers\oopuhnpkpjv.sys . . . is infected!! . . . Failed to find a valid replacement.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_yonrfjde

-------\Service_yonrfjde

((((((((((((((((((((((((( Files Created from 2010-08-28 to 2010-09-30 )))))))))))))))))))))))))))))))

.

2010-09-30 19:07 . 2010-09-30 19:07 53248 ----a-w- c:\temp\catchme.dll

2010-09-30 13:21 . 2010-09-30 13:21 -------- d-----w- c:\temp\plugtmp

2010-09-30 13:01 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2010-09-30 13:01 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2010-09-30 13:01 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2010-09-30 13:01 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2010-09-30 13:01 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2010-09-30 12:59 . 2004-08-04 02:29 19551 ----a-w- c:\windows\system32\dllcache\watv02nt.sys

2010-09-30 12:58 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2010-09-30 12:57 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2010-09-30 12:56 . 2008-04-13 18:40 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys

2010-09-30 12:55 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2010-09-30 12:54 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll

2010-09-30 12:53 . 2001-08-17 16:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys

2010-09-30 12:52 . 2001-08-17 17:51 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys

2010-09-30 12:51 . 2004-08-04 11:00 79872 ----a-w- c:\windows\system32\dllcache\rwia330.dll

2010-09-30 12:50 . 2001-08-17 17:28 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys

2010-09-30 12:49 . 2008-04-13 18:44 27904 ----a-w- c:\windows\system32\dllcache\perm2.sys

2010-09-30 12:48 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys

2010-09-30 12:47 . 2001-08-18 02:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll

2010-09-30 12:46 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2010-09-30 12:45 . 2001-08-17 16:19 48768 ----a-w- c:\windows\system32\dllcache\maestro.sys

2010-09-30 12:44 . 2001-08-18 02:36 8192 ----a-w- c:\windows\system32\dllcache\kbdkor.dll

2010-09-30 12:43 . 2001-08-18 02:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll

2010-09-30 12:42 . 2001-08-17 17:28 57471 ----a-w- c:\windows\system32\dllcache\hsf_samp.sys

2010-09-30 12:41 . 2001-08-18 02:36 83968 ----a-w- c:\windows\system32\dllcache\hpgt21.dll

2010-09-30 12:40 . 2001-08-18 02:36 71680 ----a-w- c:\windows\system32\dllcache\fnfilter.dll

2010-09-30 12:39 . 2001-08-17 16:17 629952 ----a-w- c:\windows\system32\dllcache\eqn.sys

2010-09-30 12:38 . 2001-08-18 02:36 236060 ----a-w- c:\windows\system32\dllcache\ditrace.exe

2010-09-30 12:37 . 2008-04-14 00:11 249856 ----a-w- c:\windows\system32\dllcache\ctmasetp.dll

2010-09-30 12:36 . 2001-08-17 17:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys

2010-09-30 12:35 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll

2010-09-30 12:35 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys

2010-09-30 12:35 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys

2010-09-30 12:35 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys

2010-09-30 12:35 . 2004-08-04 11:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll

2010-09-30 12:35 . 2001-08-17 18:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll

2010-09-30 12:35 . 2004-08-04 11:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe

2010-09-30 12:35 . 2004-08-04 11:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll

2010-09-30 12:35 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll

2010-09-30 12:35 . 2004-08-04 11:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll

2010-09-30 12:35 . 2004-08-04 11:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll

2010-09-30 12:35 . 2004-08-04 11:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe

2010-09-30 12:02 . 2010-09-30 19:09 -------- d-----w- c:\temp\Acrobat Distiller 9

2010-09-29 00:58 . 2010-04-28 22:35 19456 ----a-w- c:\windows\system32\drivers\ausbtmc.sys

2010-09-29 00:58 . 2010-09-29 00:58 -------- d-----w- c:\documents and settings\All Users\Application Data\IVI Foundation

2010-09-28 20:47 . 2010-09-28 20:47 -------- d-----w- c:\windows\system32\Common Files

2010-09-28 20:46 . 2010-09-28 20:46 -------- d-----w- C:\Packages

2010-09-25 14:03 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys

2010-09-25 14:03 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys

2010-09-25 02:53 . 2010-09-25 02:53 -------- d-----w- c:\program files\Microsoft Silverlight

2010-09-21 09:08 . 2010-09-23 11:37 72320 ----a-w- c:\windows\system32\drivers\oopuhnpkpjv.sys

2010-09-21 09:08 . 2010-09-21 09:08 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2010-09-18 09:49 . 2010-09-23 02:27 -------- d-----w- C:\slike_tetke

2010-09-18 09:44 . 2010-09-27 19:54 -------- d-----w- C:\slike

2010-09-16 08:12 . 2010-09-16 08:12 -------- d-----w- c:\program files\Trend Micro

2010-09-16 04:54 . 2010-09-16 04:54 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache

2010-09-14 00:37 . 2010-09-14 00:37 -------- d-----w- c:\program files\Veetle

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-30 18:30 . 2008-05-25 14:04 -------- d-----w- c:\program files\Symantec AntiVirus

2010-09-30 18:27 . 2008-06-12 22:11 -------- d-----w- c:\documents and settings\LocalService\Application Data\VMware

2010-09-30 18:27 . 2008-06-12 22:10 -------- d-----w- c:\documents and settings\All Users\Application Data\VMware

2010-09-30 18:22 . 2010-08-20 12:49 1044056 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2010-09-29 17:57 . 2009-07-31 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\National Instruments

2010-09-29 17:12 . 2008-05-15 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-09-29 17:12 . 2009-07-31 12:05 -------- d-----w- c:\program files\Common Files\Merge Modules

2010-09-29 14:46 . 2009-07-31 12:02 -------- d-----w- c:\program files\National Instruments

2010-09-28 17:45 . 2009-07-31 12:22 -------- d-----w- c:\program files\IVI

2010-09-27 23:42 . 2009-12-17 20:17 -------- d-----w- c:\program files\Lexmark Toolbar

2010-09-27 23:33 . 2008-05-25 14:08 -------- d-----w- c:\program files\uTorrent

2010-09-27 00:38 . 2010-08-25 02:16 -------- d-----w- c:\program files\PeerBlock

2010-09-26 23:07 . 2008-06-12 04:20 -------- d-----w- c:\documents and settings\nzahirov\Application Data\uTorrent

2010-09-26 13:11 . 2009-12-17 20:18 -------- d-----w- c:\program files\Lx_cats

2010-09-25 15:46 . 2008-08-25 18:04 -------- d-----w- c:\documents and settings\nzahirov\Application Data\Skype

2010-09-25 14:01 . 2008-08-25 18:07 -------- d-----w- c:\documents and settings\nzahirov\Application Data\skypePM

2010-09-16 08:11 . 2009-01-26 22:00 1984 ----a-w- c:\windows\system32\d3d9caps.dat

2010-09-16 05:06 . 2010-08-25 02:16 0 ----a-w- c:\windows\Imuxixaxet.bin

2010-09-07 16:42 . 2010-08-25 02:16 120 ----a-w- c:\windows\Rzusih.dat

2010-08-31 16:11 . 2010-08-31 16:11 3401880 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll

2010-08-31 15:55 . 2010-08-31 15:55 275096 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgoogletalk.dll

2010-08-31 15:39 . 2010-08-31 15:39 3734536 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll

2010-08-24 02:45 . 2010-06-27 04:01 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Nitro PDF

2010-08-23 01:55 . 2009-07-09 16:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-08-23 01:54 . 2009-07-09 16:20 -------- d-----w- c:\program files\sonnet.12.52

2010-08-23 01:51 . 2010-08-23 01:51 -------- d-----w- c:\documents and settings\nzahirov\Application Data\Leadertech

2010-08-23 01:50 . 2008-05-15 12:53 -------- d-----w- c:\program files\InterVideo

2010-08-23 01:50 . 2008-05-15 12:35 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-11 16:01 . 2010-08-11 16:00 -------- d-----w- c:\program files\sonnet.12.56

2010-08-11 15:58 . 2008-06-08 15:55 -------- d-----w- c:\documents and settings\nzahirov\Application Data\FileZilla

2010-06-25 17:57 . 2010-06-25 17:57 158720 ----a-w- c:\program files\internet explorer\plugins\LV2010ActiveXControl.dll

2004-03-15 21:51 . 2004-03-15 21:51 114688 ------w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll

2003-05-01 13:36 . 2003-05-01 13:36 114688 ------w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll

2006-01-23 14:32 . 2006-01-23 14:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll

2007-02-08 14:48 . 2007-02-08 14:48 133920 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll

2007-07-24 23:03 . 2007-07-24 23:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll

2008-12-10 18:50 . 2008-12-10 18:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll

2010-05-25 16:43 . 2010-05-25 16:43 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll

2010-02-05 01:35 . 2009-08-06 14:57 27960 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll

2010-02-05 01:35 . 2009-08-06 14:57 126344 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll

2009-08-06 14:57 . 2009-08-06 14:58 46408 ------w- c:\program files\mozilla firefox\plugins\atmccli.dll

2010-02-05 01:35 . 2009-08-06 14:58 98696 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TabletTip"="c:\program files\Common Files\microsoft shared\ink\tabtip.exe" [2008-04-14 271872]

"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2009-10-23 421888]

"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2009-10-23 208896]

"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-03 62240]

"TrackPointSrv"="c:\program files\Lenovo\TrackPoint\tp4serv.exe" [2009-06-26 92960]

"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]

"TpShocks"="TpShocks.exe" [2009-07-09 337184]

"TSMResident"="c:\program files\ThinkPad\Tablet Shortcut\TSMRESIDENT.EXE" [2009-08-18 472352]

"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]

"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]

"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-01-29 185688]

"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-08-03 2630968]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"vptray"="c:\progra~1\SYMANT~1\\vptray.exe" [2007-03-14 125632]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]

"niDevMon"="c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2007-07-14 106064]

"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]

"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]

"LENTBCTL"="c:\program files\ThinkPad\Tablet Shortcut\LENTBCTL.EXE" [2009-08-18 1230112]

"TabletButton"="c:\program files\ThinkPad\Tablet Shortcut\TabletButton.EXE" [2009-08-18 58656]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-09 166912]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-09 135680]

"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-01-29 124248]

"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-03 640376]

"NI Background Service"="c:\program files\National Instruments\Shared\Update Service\niupdate.exe" [2010-05-28 77824]

"InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707"="c:\program files\National Instruments\Shared\NIUninstaller\InstallValidator.exe" [2010-06-22 232144]

c:\documents and settings\nzahirov\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

DynDNS Updater Tray Icon.lnk - c:\program files\DynDNS Updater\DynTray.exe [2009-9-28 91504]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]

2008-04-14 00:11 47104 ------w- c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]

2007-03-15 05:17 89600 ------w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]

2002-08-29 10:41 11776 ------w- c:\windows\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]

2006-09-06 21:37 34344 ----a-w- c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]

2008-04-14 00:12 32256 ------w- c:\windows\system32\tpgwlnot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TabletWizard]

2008-04-14 00:12 16384 ------w- c:\windows\Help\splshwrp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\ADS2006U3\\bin\\hpeesofemx.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\fbserver.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\ODBCutil.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\coventorStart.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\glish.exe"=

"c:\\Program Files\\MATLAB\\R2008a\\bin\\win32\\MATLAB.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\javaWrap.exe"=

"c:\\Coventor\\CoventorWare2008\\runtime\\jre\\1.6.0_01\\NT40\\bin\\java.exe"=

"c:\\Documents and Settings\\nzahirov\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=

"c:\\Documents and Settings\\nzahirov\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\TecplotWrapper.exe"=

"c:\\Program Files\\CMC MicroSystems\\CMC Access CADpass\\CADpass.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\OrCAD\\OrCAD_10.5\\setconfig.exe"=

"c:\\OrCAD\\OrCAD_10.5\\updates.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsdoc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsinfo.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsmps.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsMsgServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsNameServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsRemshClient.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsRunHidden.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsUnzip.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdswhich.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsZip.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cds_root.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clsAdminTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clsbd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clu.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cmfeedback.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\consmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\dregprint.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\mpsinfo.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\nmp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\nmppath.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\obServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\van.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\versionviewer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\capture.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\comp16.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pcadi.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pspiceexplorersrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pstswp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\sch2cap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\SETBROWS.EXE"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\tutorial\\CAPTUTOR.EXE"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\cdsdoc\\bin\\cdsdocIndexer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\cdsdoc\\bin\\obServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\cdsservipc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\skill.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\skill_g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\bodygen.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\cpmaccess.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\libaccess.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\mkdefcfg.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\newgenasym.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\projmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\psetup.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\versiontool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\javaws-1_2_0_02-windows-i586-i.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\java.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\javaw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\jpicpl32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\keytool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\kinit.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\klist.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\ktab.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\orbd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\policytool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\rmid.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\rmiregistry.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\servertool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\tnameserv.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\a2dxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\a2sdf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\aconvmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\allegro.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\allegro_free_viewer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\aprepmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\artwork.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ashowmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\batch_drc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\bbvia.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\bem2d.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\brd2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\cns_report.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\create_devices.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\create_sym.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor14.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor_ui.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix11.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix12.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix13.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbstat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dfa_dlg.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dfa_update.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dml2brd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dmlcheck.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dmlcrypt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\downrev_library.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\draw_check.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dump_libraries.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dxf2a.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ecl_schedule.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\enved.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\explot.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\extracta.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\flash_convert.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\fpbrowse.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\FSvia.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\FSviaSolver.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ftsmerge.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\gbplot.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\genfeedformat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\genrad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\gloss.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibis2signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibischk3.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibischk4.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\idf_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\idf_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\iges_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\iges_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\il_allegro.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ipc356_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\j2script.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\lis2buf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mbs2lib.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mergedml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mkdeviceindex.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\modelintegrity.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\modelsim.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ncroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\nctape.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\netin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\netrev.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pads_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pad_designer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\parallel.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pcad_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pe_wordpad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\placement.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\plctxt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pre_check.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\productServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\quad2signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\qvupdate.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_padstack.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_symbol.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_vs.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\reftxt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\report.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigwave.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigwave_sc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigxp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigxsect.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spc2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spc2spc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spif.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spif_batch.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\swap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\systemdump.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sys_root.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile13.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile14.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\tlp2.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\tlsim.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ts2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\uprev.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\zrouter.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\bin\\perl.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\bin\\perlglob.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\ntt\\cmd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\appmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\IndiceFileGeneration.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\lxcwin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\Magneticdesigner.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\modeled.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\MrkSrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\msgview.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\optimize.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\PDesign.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\psched.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspice.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspiceaa.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspiceexplorersrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\psp_cmd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\simmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\simsrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\stmed.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\specctra\\bin\\specctra.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\bin\\cdsdocIndexer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\merge.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\mkvdk.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\search.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\setup.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\v_uninst.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\callback.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\filter.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\htmlini.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\htmserv.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\index.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\jstree.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\jvtree.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\kvoop.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\summary.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\viewers\\amovie.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\specctra\\bin\\specctra.com"=

"c:\\Program Files\\Ansoft\\HFSS12\\hfss.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Maple 13\\jre\\bin\\maple.exe"=

"c:\\Program Files\\VMware\\VMware Player\\vmware-authd.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Boxee\\BOXEE.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\National Instruments\\Shared\\NI WebServer\\ApplicationWebServer.exe"=

"c:\\Program Files\\National Instruments\\Shared\\NI WebServer\\SystemWebServer.exe"=

"c:\\Program Files\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=

"c:\\Program Files\\IVI\\Drivers\\niScope\\NI-SCOPE Soft Front Panel.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"135:TCP"= 135:TCP:TCP Port 135

"5000:TCP"= 5000:TCP:TCP Port 5000

"5001:TCP"= 5001:TCP:TCP Port 5001

"5002:TCP"= 5002:TCP:TCP Port 5002

"5003:TCP"= 5003:TCP:TCP Port 5003

"5004:TCP"= 5004:TCP:TCP Port 5004

"5005:TCP"= 5005:TCP:TCP Port 5005

"5006:TCP"= 5006:TCP:TCP Port 5006

"5007:TCP"= 5007:TCP:TCP Port 5007

"5008:TCP"= 5008:TCP:TCP Port 5008

"5009:TCP"= 5009:TCP:TCP Port 5009

"5010:TCP"= 5010:TCP:TCP Port 5010

"5011:TCP"= 5011:TCP:TCP Port 5011

"5012:TCP"= 5012:TCP:TCP Port 5012

"5013:TCP"= 5013:TCP:TCP Port 5013

"5014:TCP"= 5014:TCP:TCP Port 5014

"5015:TCP"= 5015:TCP:TCP Port 5015

"5016:TCP"= 5016:TCP:TCP Port 5016

"5017:TCP"= 5017:TCP:TCP Port 5017

"5018:TCP"= 5018:TCP:TCP Port 5018

"5019:TCP"= 5019:TCP:TCP Port 5019

"5020:TCP"= 5020:TCP:TCP Port 5020

R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [3/24/2010 12:27 PM 15448]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [6/29/2009 2:51 PM 20520]

R1 TSMSMI;TSM System Interface Driver;c:\windows\system32\drivers\tsmsmi32.sys [5/15/2008 8:39 AM 15784]

R2 ASRSVC;ASR Service;c:\program files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe [12/29/2009 11:03 AM 79136]

R2 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [9/28/2009 8:38 AM 99704]

R2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\system32\nipalsm.exe [3/24/2010 3:23 PM 12696]

R2 NIApplicationWebServer;NI Application Web Server;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [6/22/2010 5:02 PM 47776]

R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [4/16/2007 3:40 PM 37376]

R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [4/16/2007 3:40 PM 21504]

R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [4/16/2007 5:04 PM 674304]

R2 nidevldu;NI Device Loader;c:\windows\system32\nipalsm.exe [3/24/2010 3:23 PM 12696]

R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [4/16/2007 5:06 PM 50688]

R2 niLXIDiscovery;National Instruments LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [6/23/2010 1:14 PM 131776]

R2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [6/23/2010 4:21 PM 193712]

R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [4/16/2007 3:41 PM 30208]

R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [7/7/2009 1:43 PM 11344]

R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [4/16/2007 3:42 PM 111616]

R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [6/23/2010 10:04 AM 11432]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [6/11/2010 11:16 AM 65856]

R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.exe [8/18/2009 9:55 AM 53248]

R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/14/2007 7:48 PM 116416]

R2 smihlp;SMI Helper Driver (smihlp);c:\program files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [3/15/2007 1:10 AM 11152]

R2 TabletSVC;TABLET Service;c:\program files\ThinkPad\Tablet Shortcut\TSMService.exe [12/29/2009 11:03 AM 58656]

R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [3/30/2007 4:39 AM 62320]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [7/11/2007 8:38 PM 569344]

R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [10/22/2009 5:45 AM 70704]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/19/2010 3:05 AM 102448]

R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [7/7/2009 4:50 PM 11360]

R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [7/24/2007 12:19 PM 11360]

R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [7/13/2007 8:00 PM 11360]

R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [5/10/2007 12:34 PM 23080]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [5/22/2007 6:59 PM 30336]

R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [5/15/2008 8:23 AM 14208]

S0 bwsao;bwsao;c:\windows\system32\drivers\amuil.sys --> c:\windows\system32\drivers\amuil.sys [?]

S0 khqlmxop;khqlmxop;c:\windows\system32\drivers\oopuhnpkpjv.sys [9/21/2010 5:08 AM 72320]

S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [5/21/2009 8:48 PM 45424]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [10/22/2009 4:47 AM 563760]

S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\ftdibus.sys [5/26/2008 3:09 PM 58184]

S3 gpibprtk;gpibprtk;c:\windows\system32\drivers\gpibprtk.sys [7/31/2009 8:44 AM 215840]

S3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [1/11/2007 10:18 AM 20256]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [8/15/2009 8:35 AM 7680]

S3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [4/1/2009 3:16 PM 26192]

S3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [6/17/2009 11:35 AM 11344]

S3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [4/1/2009 3:31 PM 22608]

S3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [2/26/2007 12:40 PM 16672]

S3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [7/15/2007 5:44 PM 11352]

S3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [7/13/2007 10:38 PM 11336]

S3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [7/19/2007 3:06 AM 11344]

S3 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgkl.sys [2/23/2007 10:32 PM 11552]

S3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [7/24/2007 7:37 PM 11336]

S3 niemrkw;niemrkw;c:\windows\system32\drivers\niemrkw.sys [7/31/2009 8:48 AM 11336]

S3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [7/24/2007 7:37 PM 11336]

S3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [7/15/2007 6:31 PM 11352]

S3 nigplk;nigplk;c:\windows\system32\drivers\nigplkl.sys [2/23/2007 4:20 PM 11552]

S3 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrkl.sys [7/24/2007 10:01 PM 11352]

S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [7/18/2007 10:47 AM 11392]

S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [6/21/2007 12:19 AM 14464]

S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [6/21/2007 12:19 AM 151683]

S3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [7/13/2007 8:01 PM 11368]

S3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [7/19/2007 1:49 PM 11360]

S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [6/2/2010 6:44 PM 11968]

S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [6/2/2010 6:45 PM 11968]

S3 nipsdk;nipsdk;c:\windows\system32\drivers\nipsdkl.sys [7/24/2007 3:29 PM 11552]

S3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [6/25/2008 12:02 PM 20568]

S3 nirfsa2k;nirfsa2k;c:\windows\system32\drivers\niRFSA2kl.sys [6/30/2007 11:07 PM 11552]

S3 NiRioRpc;National Instruments RIO Server;c:\windows\system32\NiRioRpc.exe [7/27/2007 5:09 AM 28232]

S3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [7/19/2007 2:32 AM 11376]

S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [7/17/2007 12:27 AM 11352]

S3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [7/16/2007 12:52 PM 11344]

S3 nisldk;nisldk;c:\windows\system32\drivers\nisldkl.sys [6/16/2007 12:38 AM 11624]

S3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [7/19/2007 2:32 AM 11376]

S3 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdkl.sys [6/1/2007 3:39 PM 11552]

S3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [7/24/2007 7:37 PM 11336]

S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [7/15/2007 4:48 PM 11312]

S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [7/15/2007 5:50 PM 11360]

S3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [7/17/2007 4:18 AM 11336]

S3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [7/18/2007 10:15 PM 11360]

S3 nitnr2k;nitnr2k;c:\windows\system32\drivers\nitnr2kl.sys [2/24/2007 12:09 AM 11552]

S3 NIUSBTMC;NI-VISA USB TMC Driver;c:\windows\system32\DRIVERS\NIUSBTMC.sys --> c:\windows\system32\DRIVERS\NIUSBTMC.sys [?]

S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [6/23/2010 10:03 AM 11432]

S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [7/24/2007 7:37 PM 11336]

S3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [7/24/2007 7:38 PM 11336]

S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/24/2010 10:16 PM 14424]

S3 SIF32X;SIF32X;c:\windows\system32\drivers\SiF32x.sys [10/5/2009 9:24 AM 9600]

S3 usb6xxxk;usb6xxxk;\??\c:\windows\system32\drivers\usb6xxxkl.sys --> c:\windows\system32\drivers\usb6xxxkl.sys [?]

S3 usb6xxxkw;usb6xxxkw;c:\windows\system32\drivers\usb6xxxkw.sys [7/31/2009 8:48 AM 11312]

S3 Usbtmc;ausbtmc;c:\windows\system32\drivers\ausbtmc.sys [9/28/2010 8:58 PM 19456]

S4 CoventorWare Architect License Service;CoventorWare Architect License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.fnet.exe [3/11/2008 9:59 PM 1294336]

S4 CoventorWare License Service;CoventorWare License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.exe [3/11/2008 7:20 PM 815104]

S4 CoventorWare Microfluidics Solvers License Service;CoventorWare Microfluidics Solvers License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.exe [3/11/2008 7:20 PM 815104]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/7/2009 9:49 AM 721904]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - NIPALK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4223995798-2641801745-1403671520-1009Core.job

- c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 19:06]

2010-09-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4223995798-2641801745-1403671520-1009UA.job

- c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 19:06]

2010-09-30 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]

2010-09-30 c:\windows\Tasks\PMTask.job

- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-05-15 06:04]

.

.

------- Supplementary Scan -------

.

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send To Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm

LSP: c:\program files\VMware\VMware Player\vsocklib.dll

DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} - hxxp://download.ppstream.com/bin/powerplayer.cab

FF - ProfilePath - c:\documents and settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\

FF - plugin: c:\documents and settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\npminuwet@uwaterloo.ca\plugins\npminuwet.dll

FF - plugin: c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npatgpc.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv2010win32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV80Win32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv85win32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv86win32.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv90win32.dll

FF - plugin: c:\program files\Veetle\Player\npvlc.dll

FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll

FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

.

------- File Associations -------

.

.txt=MECEdit.Document

.

- - - - ORPHANS REMOVED - - - -

HKLM-Run-IBMTBCTL - c:\program files\ThinkPad\Tablet Shortcut\IBMTBCTL.EXE

MSConfigStartUp-EzPrint - c:\program files\Lexmark 9300 Series\ezprint.exe

MSConfigStartUp-Xvaroh - c:\windows\ewofoqipofevinuy.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-09-30 15:07

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\windows\TEMP\TMP0000006037A7D0DF072D8040 524288 bytes

scan completed successfully

hidden files: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A15BEC5]<<

kernel: MBR read successfully

detected MBR rootkit hooks:

\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28

\Driver\ACPI -> ACPI.sys @ 0xb9f7fcb8

\Driver\atapi -> atapi.sys @ 0xb9e2c852

\Driver\iaStor -> iaStor.sys @ 0xb9d896ae

IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Intel® Wireless WiFi Link 4965AGN -> SendCompleteHandler -> NDIS.sys @ 0xb9c6fbb0

PacketIndicateHandler -> NDIS.sys @ 0xb9c7ca21

SendHandler -> NDIS.sys @ 0xb9c5a87b

user & kernel MBR OK

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,cf,eb,71,53,6b,b3,43,bd,f7,58,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,cf,eb,71,53,6b,b3,43,bd,f7,58,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(244)

c:\windows\system32\WININET.dll

c:\windows\system32\psqlpwd.dll

c:\program files\ThinkVantage Fingerprint Software\homefus2.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

c:\program files\ThinkVantage Fingerprint Software\infra.dll

c:\program files\ThinkVantage Fingerprint Software\homepass.dll

c:\program files\ThinkVantage Fingerprint Software\bio.dll

c:\program files\ThinkVantage Fingerprint Software\ps2css.dll

c:\program files\ThinkVantage Fingerprint Software\remote.dll

c:\program files\ThinkVantage Fingerprint Software\pscssint.dll

c:\program files\ThinkVantage Fingerprint Software\crypto.dll

- - - - - - - > 'lsass.exe'(308)

c:\windows\system32\WININET.dll

c:\windows\system32\psqlpwd.dll

c:\program files\ThinkVantage Fingerprint Software\homefus2.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

c:\program files\ThinkVantage Fingerprint Software\infra.dll

c:\program files\ThinkVantage Fingerprint Software\remote.dll

- - - - - - - > 'explorer.exe'(4352)

c:\windows\system32\WININET.dll

c:\program files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll

c:\program files\Lenovo\Client Security Solution\tvt_passwordmanager.dll

c:\program files\Lenovo\Client Security Solution\css_banner.dll

c:\program files\Lenovo\Client Security Solution\csswait.dll

c:\windows\system32\cssuserdatadispatcher.dll

c:\program files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll

c:\windows\system32\tvttsp.dll

c:\windows\system32\tcsrpc.dll

c:\program files\Common Files\Lenovo\tvt_think_res.dll

c:\program files\Lenovo\Client Security Solution\css_think_res.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\ibmpmsvc.exe

c:\program files\Intel\WiFi\bin\S24EvMon.exe

c:\program files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe

c:\program files\Common Files\Symantec Shared\ccSetMgr.exe

c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe

c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

c:\windows\system32\IPSSVC.EXE

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Symantec AntiVirus\DefWatch.exe

c:\program files\Intel\WiFi\bin\EvtEng.exe

c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\lkcitdl.exe

c:\windows\system32\lkads.exe

c:\windows\system32\lktsrv.exe

c:\program files\National Instruments\MAX\nimxs.exe

c:\program files\National Instruments\Shared\Security\nidmsrv.exe

c:\program files\National Instruments\Shared\NI WebServer\SystemWebServer.exe

c:\program files\National Instruments\Shared\Tagger\tagsrv.exe

c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe

c:\program files\Symantec AntiVirus\Rtvscan.exe

c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

c:\windows\system32\TpKmpSVC.exe

c:\program files\Lenovo\Client Security Solution\tvttcsd.exe

c:\program files\Lenovo\Rescue and Recovery\rrservice.exe

c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe

c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe

c:\program files\Common Files\Lenovo\Logger\logmon.exe

c:\windows\system32\wdfmgr.exe

c:\windows\system32\vmnat.exe

c:\windows\system32\SearchIndexer.exe

c:\program files\lenovo\system update\suservice.exe

c:\program files\VMware\VMware Player\vmware-authd.exe

c:\windows\system32\vmnetdhcp.exe

c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\SYSTEM32\WISPTIS.EXE

c:\windows\System32\tabbtnu.exe

c:\program files\Common Files\Microsoft Shared\Ink\TCServer.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\TpShocks.exe

c:\program files\Lenovo\HOTKEY\TPONSCR.exe

c:\program files\Lenovo\Zoom\TpScrex.exe

c:\progra~1\SYMANT~1\vptray.exe

c:\windows\system32\igfxsrvc.exe

c:\program files\Lenovo\Client Security Solution\tvtpwm_tray.exe

.

**************************************************************************

.

Completion time: 2010-09-30 15:19:11 - machine was rebooted

ComboFix-quarantined-files.txt 2010-09-30 19:19

Pre-Run: 159,017,984,000 bytes free

Post-Run: 159,175,487,488 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 62AFE2D181F29E82F030B2945AF17291

[kahdah]

I need to take a look at a file please.

Now: using Windows Explorer (to get there right-click your Start button and go to "Explore")

Navigate to this location and upload the following file.

c:\windows\system32\drivers\oopuhnpkpjv.sys

Click Here to upload the files please.

[Nzah]

I have submitted the file to bleepingcomputer.com as requested. The file was already deleted. But, luckily, it was still in the recycling bin. When I couldn't identify the file with a quick google search I assumed it was malicious and promptly deleted it.

Thanks for your help,

Nzah

[kahdah]

No problem the file has nothing in it.

Please delete the version of Combofix and do the following:

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

[Nzah]

kahdah,

Please find the combofix.log file below. Kitty had a snack.

ComboFix 10-10-03.01 - nzahirov 10/04/2010 9:34.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2278 [GMT -4:00]

Running from: c:\documents and settings\nzahirov\Desktop\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

Infected copy of c:\windows\system32\drivers\kbdhid.sys was found and disinfected

Restored copy from - Kitty had a snack

.

((((((((((((((((((((((((( Files Created from 2010-09-04 to 2010-10-04 )))))))))))))))))))))))))))))))

.

2010-10-04 13:47 . 2010-10-04 13:47 53248 ----a-w- c:\temp\catchme.dll

2010-09-30 21:14 . 2010-09-30 21:14 -------- d-----w- c:\temp\MPTelemetrySubmit

2010-09-30 13:21 . 2010-09-30 13:21 -------- d-----w- c:\temp\plugtmp

2010-09-30 13:01 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2010-09-30 13:01 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2010-09-30 13:01 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2010-09-30 13:01 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2010-09-30 13:01 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2010-09-30 12:59 . 2004-08-04 02:29 19551 ----a-w- c:\windows\system32\dllcache\watv02nt.sys

2010-09-30 12:58 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2010-09-30 12:57 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2010-09-30 12:56 . 2008-04-13 18:40 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys

2010-09-30 12:55 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2010-09-30 12:54 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll

2010-09-30 12:53 . 2001-08-17 16:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys

2010-09-30 12:52 . 2001-08-17 17:51 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys

2010-09-30 12:51 . 2004-08-04 11:00 79872 ----a-w- c:\windows\system32\dllcache\rwia330.dll

2010-09-30 12:50 . 2001-08-17 17:28 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys

2010-09-30 12:49 . 2008-04-13 18:44 27904 ----a-w- c:\windows\system32\dllcache\perm2.sys

2010-09-30 12:48 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys

2010-09-30 12:47 . 2001-08-18 02:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll

2010-09-30 12:46 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2010-09-30 12:45 . 2001-08-17 16:19 48768 ----a-w- c:\windows\system32\dllcache\maestro.sys

2010-09-30 12:44 . 2001-08-18 02:36 8192 ----a-w- c:\windows\system32\dllcache\kbdkor.dll

2010-09-30 12:43 . 2001-08-18 02:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll

2010-09-30 12:42 . 2001-08-17 17:28 57471 ----a-w- c:\windows\system32\dllcache\hsf_samp.sys

2010-09-30 12:41 . 2001-08-18 02:36 83968 ----a-w- c:\windows\system32\dllcache\hpgt21.dll

2010-09-30 12:40 . 2001-08-18 02:36 71680 ----a-w- c:\windows\system32\dllcache\fnfilter.dll

2010-09-30 12:39 . 2001-08-17 16:17 629952 ----a-w- c:\windows\system32\dllcache\eqn.sys

2010-09-30 12:38 . 2001-08-18 02:36 236060 ----a-w- c:\windows\system32\dllcache\ditrace.exe

2010-09-30 12:37 . 2008-04-14 00:11 249856 ----a-w- c:\windows\system32\dllcache\ctmasetp.dll

2010-09-30 12:36 . 2001-08-17 17:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys

2010-09-30 12:35 . 2001-08-17 18:55 689216 ----a-w- c:\windows\system32\dllcache\3dfxvs.dll

2010-09-30 12:35 . 2001-08-17 16:48 148352 ----a-w- c:\windows\system32\dllcache\3dfxvsm.sys

2010-09-30 12:35 . 2001-08-17 18:06 11264 ----a-w- c:\windows\system32\dllcache\1394vdbg.sys

2010-09-30 12:35 . 2001-08-17 17:28 762780 ----a-w- c:\windows\system32\dllcache\3cwmcru.sys

2010-09-30 12:35 . 2004-08-04 11:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll

2010-09-30 12:35 . 2001-08-17 18:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll

2010-09-30 12:35 . 2004-08-04 11:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe

2010-09-30 12:35 . 2004-08-04 11:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll

2010-09-30 12:35 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll

2010-09-30 12:35 . 2004-08-04 11:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll

2010-09-30 12:35 . 2004-08-04 11:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll

2010-09-30 12:35 . 2004-08-04 11:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe

2010-09-30 12:02 . 2010-10-04 13:17 -------- d-----w- c:\temp\Acrobat Distiller 9

2010-09-29 00:58 . 2010-04-28 22:35 19456 ----a-w- c:\windows\system32\drivers\ausbtmc.sys

2010-09-29 00:58 . 2010-09-29 00:58 -------- d-----w- c:\documents and settings\All Users\Application Data\IVI Foundation

2010-09-28 20:47 . 2010-09-28 20:47 -------- d-----w- c:\windows\system32\Common Files

2010-09-28 20:46 . 2010-09-28 20:46 -------- d-----w- C:\Packages

2010-09-25 14:03 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys

2010-09-25 14:03 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys

2010-09-25 02:53 . 2010-09-25 02:53 -------- d-----w- c:\program files\Microsoft Silverlight

2010-09-21 09:08 . 2010-09-21 09:08 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe

2010-09-18 09:49 . 2010-09-23 02:27 -------- d-----w- C:\slike_tetke

2010-09-18 09:44 . 2010-09-27 19:54 -------- d-----w- C:\slike

2010-09-16 08:12 . 2010-09-16 08:12 -------- d-----w- c:\program files\Trend Micro

2010-09-16 04:54 . 2010-09-16 04:54 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache

2010-09-14 00:37 . 2010-09-14 00:37 -------- d-----w- c:\program files\Veetle

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-04 13:33 . 2008-05-25 14:04 -------- d-----w- c:\program files\Symantec AntiVirus

2010-10-04 13:33 . 2008-06-12 22:10 -------- d-----w- c:\documents and settings\All Users\Application Data\VMware

2010-10-04 13:32 . 2008-06-12 22:11 -------- d-----w- c:\documents and settings\LocalService\Application Data\VMware

2010-10-04 13:28 . 2010-08-20 12:49 1044056 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

2010-09-29 17:57 . 2009-07-31 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\National Instruments

2010-09-29 17:12 . 2008-05-15 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help

2010-09-29 17:12 . 2009-07-31 12:05 -------- d-----w- c:\program files\Common Files\Merge Modules

2010-09-29 14:46 . 2009-07-31 12:02 -------- d-----w- c:\program files\National Instruments

2010-09-28 17:45 . 2009-07-31 12:22 -------- d-----w- c:\program files\IVI

2010-09-27 23:42 . 2009-12-17 20:17 -------- d-----w- c:\program files\Lexmark Toolbar

2010-09-27 23:33 . 2008-05-25 14:08 -------- d-----w- c:\program files\uTorrent

2010-09-27 00:38 . 2010-08-25 02:16 -------- d-----w- c:\program files\PeerBlock

2010-09-26 23:07 . 2008-06-12 04:20 -------- d-----w- c:\documents and settings\nzahirov\Application Data\uTorrent

2010-09-26 13:11 . 2009-12-17 20:18 -------- d-----w- c:\program files\Lx_cats

2010-09-25 15:46 . 2008-08-25 18:04 -------- d-----w- c:\documents and settings\nzahirov\Application Data\Skype

2010-09-25 14:01 . 2008-08-25 18:07 -------- d-----w- c:\documents and settings\nzahirov\Application Data\skypePM

2010-09-16 08:11 . 2009-01-26 22:00 1984 ----a-w- c:\windows\system32\d3d9caps.dat

2010-08-31 16:11 . 2010-08-31 16:11 3401880 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll

2010-08-31 15:55 . 2010-08-31 15:55 275096 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\npgoogletalk.dll

2010-08-31 15:39 . 2010-08-31 15:39 3734536 ----a-w- c:\documents and settings\nzahirov\Application Data\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll

2010-08-24 02:45 . 2010-06-27 04:01 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Nitro PDF

2010-08-23 01:55 . 2009-07-09 16:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-08-23 01:54 . 2009-07-09 16:20 -------- d-----w- c:\program files\sonnet.12.52

2010-08-23 01:51 . 2010-08-23 01:51 -------- d-----w- c:\documents and settings\nzahirov\Application Data\Leadertech

2010-08-23 01:50 . 2008-05-15 12:53 -------- d-----w- c:\program files\InterVideo

2010-08-23 01:50 . 2008-05-15 12:35 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-08-11 16:01 . 2010-08-11 16:00 -------- d-----w- c:\program files\sonnet.12.56

2010-08-11 15:58 . 2008-06-08 15:55 -------- d-----w- c:\documents and settings\nzahirov\Application Data\FileZilla

2010-06-25 17:57 . 2010-06-25 17:57 158720 ----a-w- c:\program files\internet explorer\plugins\LV2010ActiveXControl.dll

2004-03-15 21:51 . 2004-03-15 21:51 114688 ------w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll

2003-05-01 13:36 . 2003-05-01 13:36 114688 ------w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll

2006-01-23 14:32 . 2006-01-23 14:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll

2007-02-08 14:48 . 2007-02-08 14:48 133920 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll

2007-07-24 23:03 . 2007-07-24 23:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll

2008-12-10 18:50 . 2008-12-10 18:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll

2010-05-25 16:43 . 2010-05-25 16:43 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll

2010-02-05 01:35 . 2009-08-06 14:57 27960 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll

2010-02-05 01:35 . 2009-08-06 14:57 126344 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll

2009-08-06 14:57 . 2009-08-06 14:58 46408 ------w- c:\program files\mozilla firefox\plugins\atmccli.dll

2010-02-05 01:35 . 2009-08-06 14:58 98696 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Update"="c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TabletTip"="c:\program files\Common Files\microsoft shared\ink\tabtip.exe" [2008-04-14 271872]

"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2009-10-23 421888]

"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2009-10-23 208896]

"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-03 62240]

"TrackPointSrv"="c:\program files\Lenovo\TrackPoint\tp4serv.exe" [2009-06-26 92960]

"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]

"TpShocks"="TpShocks.exe" [2009-07-09 337184]

"TSMResident"="c:\program files\ThinkPad\Tablet Shortcut\TSMRESIDENT.EXE" [2009-08-18 472352]

"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]

"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]

"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-01-29 185688]

"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-08-03 2630968]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"vptray"="c:\progra~1\SYMANT~1\\vptray.exe" [2007-03-14 125632]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]

"niDevMon"="c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2007-07-14 106064]

"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]

"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]

"LENTBCTL"="c:\program files\ThinkPad\Tablet Shortcut\LENTBCTL.EXE" [2009-08-18 1230112]

"TabletButton"="c:\program files\ThinkPad\Tablet Shortcut\TabletButton.EXE" [2009-08-18 58656]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-24 1036288]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-09 166912]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-09 135680]

"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-01-29 124248]

"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2009-10-22 64048]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-03 640376]

"NI Background Service"="c:\program files\National Instruments\Shared\Update Service\niupdate.exe" [2010-05-28 77824]

"InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707"="c:\program files\National Instruments\Shared\NIUninstaller\InstallValidator.exe" [2010-06-22 232144]

c:\documents and settings\nzahirov\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

DynDNS Updater Tray Icon.lnk - c:\program files\DynDNS Updater\DynTray.exe [2009-9-28 91504]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]

2008-04-14 00:11 47104 ------w- c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]

2007-03-15 05:17 89600 ------w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]

2002-08-29 10:41 11776 ------w- c:\windows\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]

2006-09-06 21:37 34344 ----a-w- c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]

2008-04-14 00:12 32256 ------w- c:\windows\system32\tpgwlnot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TabletWizard]

2008-04-14 00:12 16384 ------w- c:\windows\Help\splshwrp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\ADS2006U3\\bin\\hpeesofemx.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\fbserver.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\ODBCutil.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\coventorStart.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\glish.exe"=

"c:\\Program Files\\MATLAB\\R2008a\\bin\\win32\\MATLAB.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\javaWrap.exe"=

"c:\\Coventor\\CoventorWare2008\\runtime\\jre\\1.6.0_01\\NT40\\bin\\java.exe"=

"c:\\Documents and Settings\\nzahirov\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=

"c:\\Documents and Settings\\nzahirov\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Coventor\\CoventorWare2008\\bin\\NT40\\TecplotWrapper.exe"=

"c:\\Program Files\\CMC MicroSystems\\CMC Access CADpass\\CADpass.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\OrCAD\\OrCAD_10.5\\setconfig.exe"=

"c:\\OrCAD\\OrCAD_10.5\\updates.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsdoc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsinfo.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsmps.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsMsgServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsNameServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsRemshClient.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsRunHidden.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsUnzip.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdswhich.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cdsZip.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cds_root.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clsAdminTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clsbd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\clu.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\cmfeedback.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\consmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\dregprint.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\mpsinfo.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\nmp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\nmppath.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\obServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\van.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\bin\\versionviewer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\capture.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\comp16.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pcadi.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pspiceexplorersrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\pstswp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\sch2cap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\SETBROWS.EXE"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\capture\\tutorial\\CAPTUTOR.EXE"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\cdsdoc\\bin\\cdsdocIndexer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\cdsdoc\\bin\\obServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\cdsservipc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\skill.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\dfII\\bin\\skill_g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\bodygen.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\cpmaccess.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\libaccess.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\mkdefcfg.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\newgenasym.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\projmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\psetup.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\fet\\bin\\versiontool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\javaws-1_2_0_02-windows-i586-i.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\java.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\javaw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\jpicpl32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\keytool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\kinit.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\klist.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\ktab.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\orbd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\policytool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\rmid.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\rmiregistry.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\servertool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\jre\\bin\\tnameserv.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_eng_ed\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\fvupdateutil.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcam.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gcdin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\idfin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\ipc356.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\layout.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\libcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\lsession.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\max2hyp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxascb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxascx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxdxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxeco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxfnetx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminw.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxminx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxorcad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxp99x.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxpcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxprotb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxprotx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxstrb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxstrx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxtangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\maxtangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\mfceco.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\orcadodb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\padb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\padx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcadb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcadx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\pcb2max.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\prcat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\protb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\protx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\searchTool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\setbrows.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\specin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\strb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\strx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tangb.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tangx.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\to386.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\toidf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tomax.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tospec.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\update90.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\fonts\\f2g.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\fonts\\g2r.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\apstub.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\custaped.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\gerbline.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\program\\gerbtool.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\gtool\\system\\fixtbar.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\samples\\demo\\reset.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\sroute\\batch32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\sroute\\sroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\tutorial\\laytutor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\layout_plus\\vcadd\\vcadd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\a2dxf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\a2sdf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\aconvmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\allegro.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\allegro_free_viewer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\aprepmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\artwork.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ashowmap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\batch_drc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\bbvia.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\bem2d.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\brd2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\cns_report.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\create_devices.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\create_sym.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor14.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbdoctor_ui.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix11.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix12.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbfix13.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dbstat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dfa_dlg.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dfa_update.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dml2brd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dmlcheck.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dmlcrypt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\downrev_library.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\draw_check.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dump_libraries.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\dxf2a.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ecl_schedule.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\enved.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\explot.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\extracta.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\flash_convert.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\fpbrowse.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\FSvia.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\FSviaSolver.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ftsmerge.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\gbplot.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\genfeedformat.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\genrad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\gloss.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibis2signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibischk3.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ibischk4.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\idf_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\idf_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\iges_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\iges_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\il_allegro.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ipc356_out.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\j2script.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\lis2buf.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mbs2lib.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mergedml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\mkdeviceindex.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\modelintegrity.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\modelsim.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ncroute.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\nctape.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\netin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\netrev.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pads_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pad_designer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\parallel.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pcad_in.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pe_wordpad.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\placement.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\plctxt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\pre_check.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\productServer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\quad2signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\qvupdate.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_padstack.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_symbol.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\refresh_vs.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\reftxt.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\report.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\signoise.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigwave.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigwave_sc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigxp.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sigxsect.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spc2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spc2spc.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spif.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\spif_batch.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\swap.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\systemdump.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\sys_root.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile13.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\techfile14.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\tlp2.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\tlsim.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\ts2dml.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\uprev.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pcb\\bin\\zrouter.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\bin\\perl.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\bin\\perlglob.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\perl5\\ntt\\cmd32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\appmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\IndiceFileGeneration.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\lxcwin.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\Magneticdesigner.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\modeled.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\MrkSrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\msgview.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\optimize.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\PDesign.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\psched.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspice.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspiceaa.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\pspiceexplorersrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\psp_cmd.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\simmgr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\simsrvr.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\pspice\\stmed.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\specctra\\bin\\specctra.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\bin\\cdsdocIndexer.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\merge.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\mkvdk.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\search.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\setup.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\bin\\v_uninst.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\callback.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\filter.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\htmlini.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\htmserv.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\index.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\jstree.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\jvtree.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\kvoop.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\regsvr32.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\summary.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\verity\\_nti40\\filters\\viewers\\amovie.exe"=

"c:\\OrCAD\\OrCAD_10.5\\tools\\specctra\\bin\\specctra.com"=

"c:\\Program Files\\Ansoft\\HFSS12\\hfss.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Maple 13\\jre\\bin\\maple.exe"=

"c:\\Program Files\\VMware\\VMware Player\\vmware-authd.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Boxee\\BOXEE.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\National Instruments\\Shared\\NI WebServer\\ApplicationWebServer.exe"=

"c:\\Program Files\\National Instruments\\Shared\\NI WebServer\\SystemWebServer.exe"=

"c:\\Program Files\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=

"c:\\Program Files\\IVI\\Drivers\\niScope\\NI-SCOPE Soft Front Panel.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

"135:TCP"= 135:TCP:TCP Port 135

"5000:TCP"= 5000:TCP:TCP Port 5000

"5001:TCP"= 5001:TCP:TCP Port 5001

"5002:TCP"= 5002:TCP:TCP Port 5002

"5003:TCP"= 5003:TCP:TCP Port 5003

"5004:TCP"= 5004:TCP:TCP Port 5004

"5005:TCP"= 5005:TCP:TCP Port 5005

"5006:TCP"= 5006:TCP:TCP Port 5006

"5007:TCP"= 5007:TCP:TCP Port 5007

"5008:TCP"= 5008:TCP:TCP Port 5008

"5009:TCP"= 5009:TCP:TCP Port 5009

"5010:TCP"= 5010:TCP:TCP Port 5010

"5011:TCP"= 5011:TCP:TCP Port 5011

"5012:TCP"= 5012:TCP:TCP Port 5012

"5013:TCP"= 5013:TCP:TCP Port 5013

"5014:TCP"= 5014:TCP:TCP Port 5014

"5015:TCP"= 5015:TCP:TCP Port 5015

"5016:TCP"= 5016:TCP:TCP Port 5016

"5017:TCP"= 5017:TCP:TCP Port 5017

"5018:TCP"= 5018:TCP:TCP Port 5018

"5019:TCP"= 5019:TCP:TCP Port 5019

"5020:TCP"= 5020:TCP:TCP Port 5020

R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [3/24/2010 12:27 PM 15448]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [6/29/2009 2:51 PM 20520]

R1 TSMSMI;TSM System Interface Driver;c:\windows\system32\drivers\tsmsmi32.sys [5/15/2008 8:39 AM 15784]

R2 ASRSVC;ASR Service;c:\program files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe [12/29/2009 11:03 AM 79136]

R2 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [9/28/2009 8:38 AM 99704]

R2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\system32\nipalsm.exe [3/24/2010 3:23 PM 12696]

R2 NIApplicationWebServer;NI Application Web Server;c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [6/22/2010 5:02 PM 47776]

R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [4/16/2007 3:40 PM 37376]

R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [4/16/2007 3:40 PM 21504]

R2 nidevldu;NI Device Loader;c:\windows\system32\nipalsm.exe [3/24/2010 3:23 PM 12696]

R2 niLXIDiscovery;National Instruments LXI Discovery Service;c:\vxipnp\WinNT\NIvisa\niLxiDiscovery.exe [6/23/2010 1:14 PM 131776]

R2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [6/23/2010 4:21 PM 193712]

R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [4/16/2007 3:41 PM 30208]

R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [7/7/2009 1:43 PM 11344]

R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [4/16/2007 3:42 PM 111616]

R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [6/23/2010 10:04 AM 11432]

R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [6/11/2010 11:16 AM 65856]

R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.exe [8/18/2009 9:55 AM 53248]

R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/14/2007 7:48 PM 116416]

R2 smihlp;SMI Helper Driver (smihlp);c:\program files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [3/15/2007 1:10 AM 11152]

R2 TabletSVC;TABLET Service;c:\program files\ThinkPad\Tablet Shortcut\TSMService.exe [12/29/2009 11:03 AM 58656]

R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [3/30/2007 4:39 AM 62320]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [7/11/2007 8:38 PM 569344]

R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [10/22/2009 5:45 AM 70704]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/19/2010 3:05 AM 102448]

R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [7/7/2009 4:50 PM 11360]

R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [7/24/2007 12:19 PM 11360]

R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [7/13/2007 8:00 PM 11360]

R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [5/10/2007 12:34 PM 23080]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [5/22/2007 6:59 PM 30336]

R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [5/15/2008 8:23 AM 14208]

S0 bwsao;bwsao;c:\windows\system32\drivers\amuil.sys --> c:\windows\system32\drivers\amuil.sys [?]

S0 khqlmxop;khqlmxop;c:\windows\system32\drivers\oopuhnpkpjv.sys --> c:\windows\system32\drivers\oopuhnpkpjv.sys [?]

S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [5/21/2009 8:48 PM 45424]

S2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [4/16/2007 5:04 PM 674304]

S2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [4/16/2007 5:06 PM 50688]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [10/22/2009 4:47 AM 563760]

S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\ftdibus.sys [5/26/2008 3:09 PM 58184]

S3 gpibprtk;gpibprtk;c:\windows\system32\drivers\gpibprtk.sys [7/31/2009 8:44 AM 215840]

S3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [1/11/2007 10:18 AM 20256]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [8/15/2009 8:35 AM 7680]

S3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [4/1/2009 3:16 PM 26192]

S3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [6/17/2009 11:35 AM 11344]

S3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [4/1/2009 3:31 PM 22608]

S3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [2/26/2007 12:40 PM 16672]

S3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [7/15/2007 5:44 PM 11352]

S3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [7/13/2007 10:38 PM 11336]

S3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [7/19/2007 3:06 AM 11344]

S3 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgkl.sys [2/23/2007 10:32 PM 11552]

S3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [7/24/2007 7:37 PM 11336]

S3 niemrkw;niemrkw;c:\windows\system32\drivers\niemrkw.sys [7/31/2009 8:48 AM 11336]

S3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [7/24/2007 7:37 PM 11336]

S3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [7/15/2007 6:31 PM 11352]

S3 nigplk;nigplk;c:\windows\system32\drivers\nigplkl.sys [2/23/2007 4:20 PM 11552]

S3 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrkl.sys [7/24/2007 10:01 PM 11352]

S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [7/18/2007 10:47 AM 11392]

S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [6/21/2007 12:19 AM 14464]

S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [6/21/2007 12:19 AM 151683]

S3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [7/13/2007 8:01 PM 11368]

S3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [7/19/2007 1:49 PM 11360]

S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [6/2/2010 6:44 PM 11968]

S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [6/2/2010 6:45 PM 11968]

S3 nipsdk;nipsdk;c:\windows\system32\drivers\nipsdkl.sys [7/24/2007 3:29 PM 11552]

S3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [6/25/2008 12:02 PM 20568]

S3 nirfsa2k;nirfsa2k;c:\windows\system32\drivers\niRFSA2kl.sys [6/30/2007 11:07 PM 11552]

S3 NiRioRpc;National Instruments RIO Server;c:\windows\system32\NiRioRpc.exe [7/27/2007 5:09 AM 28232]

S3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [7/19/2007 2:32 AM 11376]

S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [7/17/2007 12:27 AM 11352]

S3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [7/16/2007 12:52 PM 11344]

S3 nisldk;nisldk;c:\windows\system32\drivers\nisldkl.sys [6/16/2007 12:38 AM 11624]

S3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [7/19/2007 2:32 AM 11376]

S3 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdkl.sys [6/1/2007 3:39 PM 11552]

S3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [7/24/2007 7:37 PM 11336]

S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [7/15/2007 4:48 PM 11312]

S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [7/15/2007 5:50 PM 11360]

S3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [7/17/2007 4:18 AM 11336]

S3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [7/18/2007 10:15 PM 11360]

S3 nitnr2k;nitnr2k;c:\windows\system32\drivers\nitnr2kl.sys [2/24/2007 12:09 AM 11552]

S3 NIUSBTMC;NI-VISA USB TMC Driver;c:\windows\system32\DRIVERS\NIUSBTMC.sys --> c:\windows\system32\DRIVERS\NIUSBTMC.sys [?]

S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [6/23/2010 10:03 AM 11432]

S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [7/24/2007 7:37 PM 11336]

S3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [7/24/2007 7:38 PM 11336]

S3 Normandy;Normandy SR2; [x]

S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [8/24/2010 10:16 PM 14424]

S3 SIF32X;SIF32X;c:\windows\system32\drivers\SiF32x.sys [10/5/2009 9:24 AM 9600]

S3 usb6xxxk;usb6xxxk;\??\c:\windows\system32\drivers\usb6xxxkl.sys --> c:\windows\system32\drivers\usb6xxxkl.sys [?]

S3 usb6xxxkw;usb6xxxkw;c:\windows\system32\drivers\usb6xxxkw.sys [7/31/2009 8:48 AM 11312]

S3 Usbtmc;ausbtmc;c:\windows\system32\drivers\ausbtmc.sys [9/28/2010 8:58 PM 19456]

S4 CoventorWare Architect License Service;CoventorWare Architect License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.fnet.exe [3/11/2008 9:59 PM 1294336]

S4 CoventorWare License Service;CoventorWare License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.exe [3/11/2008 7:20 PM 815104]

S4 CoventorWare Microfluidics Solvers License Service;CoventorWare Microfluidics Solvers License Service;c:\coventor\CoventorWare2008\licensing\NT40\lmgrd.exe [3/11/2008 7:20 PM 815104]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/7/2009 9:49 AM 721904]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - NIPALK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

2010-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4223995798-2641801745-1403671520-1009Core.job

- c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 19:06]

2010-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4223995798-2641801745-1403671520-1009UA.job

- c:\documents and settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 19:06]

2010-10-04 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]

2010-10-03 c:\windows\Tasks\PMTask.job

- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-05-15 06:04]

.

.

------- Supplementary Scan -------

.

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

IE: Send to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send To Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm

LSP: c:\program files\VMware\VMware Player\vsocklib.dll

DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} - hxxp://download.ppstream.com/bin/powerplayer.cab

FF - ProfilePath - c:\documents and settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

.

------- File Associations -------

.

.txt=MECEdit.Document

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,cf,eb,71,53,6b,b3,43,bd,f7,58,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1b,cf,eb,71,53,6b,b3,43,bd,f7,58,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(252)

c:\windows\system32\psqlpwd.dll

c:\program files\ThinkVantage Fingerprint Software\homefus2.dll

c:\program files\ThinkVantage Fingerprint Software\infra.dll

c:\program files\ThinkVantage Fingerprint Software\homepass.dll

c:\program files\ThinkVantage Fingerprint Software\bio.dll

c:\program files\ThinkVantage Fingerprint Software\ps2css.dll

c:\program files\ThinkVantage Fingerprint Software\pscssint.dll

c:\program files\ThinkVantage Fingerprint Software\remote.dll

c:\program files\ThinkVantage Fingerprint Software\crypto.dll

- - - - - - - > 'lsass.exe'(312)

c:\windows\system32\psqlpwd.dll

c:\program files\ThinkVantage Fingerprint Software\homefus2.dll

c:\program files\ThinkVantage Fingerprint Software\infra.dll

c:\program files\ThinkVantage Fingerprint Software\remote.dll

.

Completion time: 2010-10-04 09:50:22

ComboFix-quarantined-files.txt 2010-10-04 13:50

ComboFix2.txt 2010-09-30 19:19

Pre-Run: 159,777,173,504 bytes free

Post-Run: 159,737,245,696 bytes free

- - End Of File - - E4FDF2D7174423DD27C521C547FDC265

[kahdah]

Great let me know if the error is gone and do the following please.

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

  :Files
  C:\zrpt.xml
  c:\windows\Imuxixaxet.bin
  c:\windows\Rzusih.dat
  
  :Services
  khqlmxop
  bwsao
  
  
  :Commands
  [emptytemp]

  
  

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot when it is done
  
• It will produce a log for you on reboot, please post that log in your next reply.
  

================================Malwarebytes' Anti-Malware=================================

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.

• Click on the update tab then click on Check for updates.
  
• If an update is found, it will download and install the latest version.
  
• Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.

================================Online scan=================================

* Go here to run an online scannner from ESET.

• Note: You will need to use Internet explorer for this scan
  
• Tick the box next to YES, I accept the Terms of Use.
  
• Click Start
  
• When asked, allow the activex control to install
  
• Click Start
  
• Check next options: Remove found threats and Scan unwanted applications.
  
• Click Scan
  
• Wait for the scan to finish
  
• Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

[Nzah]

Hello,

Yes, my problems are effectively solved. No more win32 services crashes and browsers are now solid. The result of the OTL comands are shown below. They are aggregated since I missed a character in the first execution.

Best,

nzah

========== FILES ==========

C:\zrpt.xml moved successfully.

File\Folder c:\windows\Imuxixaxet.bin not found.

File\Folder c:\windows\Rzusih.dat not found.

========== SERVICES/DRIVERS ==========

Service khqlmxop stopped successfully!

Service khqlmxop deleted successfully!

Service bwsao stopped successfully!

Service bwsao deleted successfully!

========== COMMANDS ==========

Error: Unable to interpret <[emptytemp> in the current context!

OTL by OldTimer - Version 3.2.14.1 log created on 10042010_194906

All processes killed

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 1127526 bytes

->Flash cache emptied: 13412 bytes

User: NetworkService

->Temp folder emptied: 1792 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Java cache emptied: 19534 bytes

->Flash cache emptied: 22643 bytes

User: nzahirov

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 115776682 bytes

->Java cache emptied: 50555393 bytes

->FireFox cache emptied: 99910277 bytes

->Google Chrome cache emptied: 10441483 bytes

->Flash cache emptied: 5535742 bytes

User: Susan

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 78991 bytes

->FireFox cache emptied: 16903190 bytes

->Flash cache emptied: 927 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 23009 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 557313 bytes

RecycleBin emptied: 4641525 bytes

Total Files Cleaned = 292.00 mb

OTL by OldTimer - Version 3.2.14.1 log created on 10042010_194947

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[Nzah]

MBAM results follow... no infections found.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4741

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/4/2010 8:13:37 PM

mbam-log-2010-10-04 (20-13-37).txt

Scan type: Quick scan

Objects scanned: 173883

Time elapsed: 11 minute(s), 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[kahdah]

Great glad it is working better.

Please go ahead with the Eset scan and post the log when it completes.

[Nzah]

Hello,

Please find the log attached. Looks like all the files were already identified with the exception of the matlab related virus. Is this it then?

Thanks for all your help so far!

C:\Program Files\MATLAB\R2008a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adrtddm6420.mexw32 probably a variant of Win32/Agent.KRDRJQX trojan cleaned by deleting - quarantined

C:\Program Files\MATLAB\R2008a\toolbox\rtw\targets\xpc\target\build\xpcblocks\adrtddm6430.mexw32 probably a variant of Win32/Agent.FXHULZN trojan cleaned by deleting - quarantined

C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\yonrfjde.sys.vir a variant of Win32/Bubnix.AW trojan cleaned by deleting - quarantined

C:\System Volume Information\_restore{31B8BED5-9D7F-4557-ABBD-A1EED92B436E}\RP1\A0000060.sys Win32/Olmarik.ZC trojan cleaned - quarantined

[kahdah]

You are welcome

• Double click on OTL to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• When the window appears, underneath Output at the top change it to Minimal Output.
  
• Under the Standard Registry box change it to All.
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open one notepad window. OTL.Txt a This is saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.
    

[Nzah]

OTL log follows...

OTL logfile created on: 10/5/2010 8:03:02 AM - Run 2

OTL by OldTimer - Version 3.2.14.1 Folder = C:\Documents and Settings\nzahirov\Desktop

Windows XP Tablet PC Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free

4.00 Gb Paging File | 3.00 Gb Available in Paging File | 67.00% Paging File free

Paging file location(s): C:\pagefile.sys 1500 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 275.14 Gb Total Space | 144.41 Gb Free Space | 52.49% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JUKLEOPT

Current User Name: nzahirov

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\nzahirov\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Documents and Settings\nzahirov\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Documents and Settings\nzahirov\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (Google)

PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)

PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)

PRC - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)

PRC - C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)

PRC - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lktsrv.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lkads.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)

PRC - C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

PRC - C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)

PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()

PRC - C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

PRC - C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

PRC - C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

PRC - C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)

PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

PRC - C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)

PRC - C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)

PRC - C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)

PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)

PRC - C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\TSMResident.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Tablet Shortcut\TSMService.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.)

PRC - C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (Lenovo Group Limited)

PRC - c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)

PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)

PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)

PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

PRC - C:\WINDOWS\system32\wisptis.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\tabtip.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\tcserver.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Microsoft Shared\Ink\keyboardsurrogate.exe (Microsoft Corporation)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)

PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)

PRC - C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)

PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()

PRC - C:\Program Files\Common Files\Lenovo\Logger\logmon.exe ()

PRC - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()

PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)

PRC - C:\WINDOWS\system32\TpKmpSvc.exe ()

PRC - C:\WINDOWS\system32\tabbtnu.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\nzahirov\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation)

MOD - C:\Program Files\Common Files\Microsoft Shared\Ink\tiptsf.dll (Microsoft Corporation)

MOD - C:\Program Files\Common Files\Microsoft Shared\Ink\tipcomponentsps.dll (Microsoft Corporation)

MOD - C:\WINDOWS\ime\sptip.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msctfp.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)

MOD - C:\WINDOWS\ime\spgrmr.dll (Microsoft Corporation)

MOD - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\tvt_passwordmanager.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_dlgcustompolicy.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_banner.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\css_think_res.dll (Lenovo Group Limited)

MOD - C:\Program Files\Lenovo\Client Security Solution\csswait.dll (Lenovo Group Limited)

MOD - C:\WINDOWS\system32\cssuserdatadispatcher.dll (Lenovo Group Limited)

MOD - C:\WINDOWS\system32\tcsrpc.dll (Lenovo)

MOD - C:\WINDOWS\system32\tvttsp.dll (Lenovo)

MOD - C:\Program Files\Common Files\Lenovo\tvt_think_res.dll (Lenovo Group Limited)

MOD - C:\Program Files\Windows Journal\nbmaptip.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)

SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)

SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)

SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)

SRV - (nimDNSResponder) -- C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)

SRV - (niLXIDiscovery) -- C:\VXIPNP\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation)

SRV - (niSvcLoc) -- C:\Program Files\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)

SRV - (NIApplicationWebServer) -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)

SRV - (mxssvr) -- C:\Program Files\National Instruments\MAX\nimxs.exe (National Instruments Corporation)

SRV - (NITaggerService) -- C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation)

SRV - (NIDomainService) -- C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)

SRV - (lkTimeSync) -- C:\WINDOWS\system32\lktsrv.exe (National Instruments Corporation)

SRV - (lkClassAds) -- C:\WINDOWS\system32\lkads.exe (National Instruments Corporation)

SRV - (nlsX86cc) -- C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)

SRV - (NILM License Manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

SRV - (nipxirmu) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (nidevldu) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (ni488enumsvc) -- C:\WINDOWS\system32\nipalsm.exe (National Instruments Corporation)

SRV - (LkCitadelServer) -- C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)

SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()

SRV - (VMware NAT Service) -- C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

SRV - (VMAuthdService) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

SRV - (VMnetDHCP) -- C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

SRV - (VMUSBArbService) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

SRV - (ufad-ws60) -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)

SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)

SRV - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

SRV - (S24EventMonitor) Intel® -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)

SRV - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)

SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)

SRV - (ASRSVC) -- C:\Program Files\ThinkPad\Tablet Shortcut\ASR\ASRSVC.exe (Lenovo Group Limited)

SRV - (TabletSVC) -- C:\Program Files\ThinkPad\Tablet Shortcut\TSMService.exe (Lenovo Group Limited)

SRV - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

SRV - (SolidWorks Licensing Service) -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)

SRV - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)

SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)

SRV - (SUService) -- c:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

SRV - (OpcEnum) -- C:\WINDOWS\system32\Opcenum.exe (OPC Foundation)

SRV - (btwdins) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

SRV - (CoventorWare Architect License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.fnet.exe ()

SRV - (CoventorWare Microfluidics Solvers License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.exe ()

SRV - (CoventorWare License Service) -- C:\Coventor\CoventorWare2008\\licensing\NT40\lmgrd.exe ()

SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)

SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (IBM)

SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)

SRV - (NiRioRpc) -- C:\WINDOWS\system32\NiRioRpc.exe (National Instruments Corporation)

SRV - (TVT Backup Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)

SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe ()

SRV - (tvtnetwk) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe ()

SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

SRV - (TpKmpSVC) -- C:\WINDOWS\system32\TpKmpSvc.exe ()

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (usb6xxxk) -- C:\WINDOWS\System32\drivers\usb6xxxkl.sys File not found

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found

DRV - (RimUsb) -- C:\WINDOWS\System32\Drivers\RimUsb.sys File not found

DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found

DRV - (NIUSBTMC) -- C:\WINDOWS\System32\DRIVERS\NIUSBTMC.sys File not found

DRV - (catchme) -- C:\TEMP\catchme.sys File not found

DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101004.003\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101004.003\NAVENG.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\wpshelper.sys (Symantec Corporation)

DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation)

DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation)

DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation)

DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation)

DRV - (SysPlant) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation)

DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation)

DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)

DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation)

DRV - (NiViPxiK) -- C:\WINDOWS\system32\drivers\NiViPxiKl.sys (National Instruments Corporation)

DRV - (NiViPciK) -- C:\WINDOWS\system32\drivers\NiViPciKl.sys (National Instruments Corporation)

DRV - (nipalusbedl) -- C:\WINDOWS\system32\drivers\nipalusbedl.sys (National Instruments Corporation)

DRV - (NIPALK) -- C:\WINDOWS\System32\drivers\nipalk.sys (National Instruments Corporation)

DRV - (nipalfwedl) -- C:\WINDOWS\system32\drivers\nipalfwedl.sys (National Instruments Corporation)

DRV - (Usbtmc) -- C:\WINDOWS\system32\drivers\ausbtmc.sys (IVI Foundation)

DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)

DRV - (AlteraUSBBlaster) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)

DRV - (nipbcfk) -- C:\WINDOWS\System32\drivers\nipbcfk.sys (National Instruments Corporation)

DRV - (nimdbgk) -- C:\WINDOWS\system32\drivers\nimdbgkl.sys (National Instruments Corporation)

DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()

DRV - (VMnetBridge) -- C:\WINDOWS\system32\drivers\vmnetbridge.sys (VMware, Inc.)

DRV - (vmx86) -- C:\WINDOWS\system32\drivers\vmx86.sys (VMware, Inc.)

DRV - (vmci) -- C:\WINDOWS\system32\drivers\vmci.sys (VMware, Inc.)

DRV - (vmkbd) -- C:\WINDOWS\system32\drivers\VMkbd.sys (VMware, Inc.)

DRV - (VMnetuserif) -- C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware, Inc.)

DRV - (hcmon) -- C:\WINDOWS\system32\drivers\hcmon.sys (VMware, Inc.)

DRV - (VMnetAdapter) -- C:\WINDOWS\system32\drivers\vmnetadapter.sys (VMware, Inc.)

DRV - (vstor2-ws60) -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)

DRV - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()

DRV - (NETw5x32) Intel® -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)

DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)

DRV - (tvtfilter) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo)

DRV - (TSMSMI) -- C:\WINDOWS\system32\drivers\tsmsmi32.sys (Lenovo Group Limited)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (cvintdrv) -- C:\WINDOWS\System32\drivers\cvintdrv.sys ()

DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()

DRV - (nimxdfk) -- C:\WINDOWS\system32\drivers\nimxdfkl.sys (National Instruments Corporation)

DRV - (nidimk) -- C:\WINDOWS\system32\drivers\nidimkl.sys (National Instruments Corporation)

DRV - (nipxirmk) -- C:\WINDOWS\system32\drivers\nipxirmkl.sys (National Instruments Corporation)

DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)

DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)

DRV - (Tp4Track) -- C:\WINDOWS\system32\drivers\tp4track.sys (Lenovo Group Limited)

DRV - (e1express) Intel® -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)

DRV - (ni1045k) -- C:\WINDOWS\system32\drivers\ni1045kl.sys (National Instruments Corporation)

DRV - (niorbk) -- C:\WINDOWS\system32\drivers\niorbkl.sys (National Instruments Corporation)

DRV - (ni1065k) -- C:\WINDOWS\system32\drivers\ni1065k.sys (National Instruments Corporation)

DRV - (ni1006k) -- C:\WINDOWS\system32\drivers\ni1006k.sys (National Instruments Corporation)

DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)

DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)

DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)

DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)

DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)

DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)

DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)

DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)

DRV - (nipxigpk) -- C:\WINDOWS\system32\drivers\nipxigpk.sys (National Instruments Corporation)

DRV - (pmem) -- C:\WINDOWS\system32\drivers\pmemnt.sys (Microsoft Corporation)

DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (Lenovo Group Limited)

DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)

DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)

DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)

DRV - (MSDV) -- C:\WINDOWS\system32\drivers\msdv.sys (Microsoft Corporation)

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)

DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (nihsdrk) -- C:\WINDOWS\system32\drivers\nihsdrkl.sys (National Instruments Corporation)

DRV - (nixsrk) -- C:\WINDOWS\system32\drivers\nixsrkl.sys (National Instruments Corporation)

DRV - (niwfrk) -- C:\WINDOWS\system32\drivers\niwfrkl.sys (National Instruments Corporation)

DRV - (nissrk) -- C:\WINDOWS\system32\drivers\nissrkl.sys (National Instruments Corporation)

DRV - (niesrk) -- C:\WINDOWS\system32\drivers\niesrkl.sys (National Instruments Corporation)

DRV - (niemrkw) -- C:\WINDOWS\system32\drivers\niemrkw.sys (National Instruments Corporation)

DRV - (niemrk) -- C:\WINDOWS\system32\drivers\niemrkl.sys (National Instruments Corporation)

DRV - (nipsdk) -- C:\WINDOWS\system32\drivers\nipsdkl.sys (National Instruments Corporation)

DRV - (nimru2k) -- C:\WINDOWS\system32\drivers\nimru2kl.sys (National Instruments Corporation)

DRV - (ninshsdk) -- C:\WINDOWS\system32\drivers\ninshsdkl.sys (National Instruments Corporation)

DRV - (nidsark) -- C:\WINDOWS\system32\drivers\nidsarkl.sys (National Instruments Corporation)

DRV - (niscdk) -- C:\WINDOWS\system32\drivers\niscdkl.sys (National Instruments Corporation)

DRV - (nispdk) -- C:\WINDOWS\system32\drivers\nispdkl.sys (National Instruments Corporation)

DRV - (nitiork) -- C:\WINDOWS\system32\drivers\nitiorkl.sys (National Instruments Corporation)

DRV - (nimsdrk) -- C:\WINDOWS\system32\drivers\nimsdrkl.sys (National Instruments Corporation)

DRV - (niswdk) -- C:\WINDOWS\system32\drivers\niswdkl.sys (National Instruments Corporation)

DRV - (nisdigk) -- C:\WINDOWS\system32\drivers\nisdigkl.sys (National Instruments Corporation)

DRV - (usb6xxxkw) -- C:\WINDOWS\system32\drivers\usb6xxxkw.sys (National Instruments Corporation)

DRV - (nisftk) -- C:\WINDOWS\system32\drivers\nisftkl.sys (National Instruments Corporation)

DRV - (nifslk) -- C:\WINDOWS\system32\drivers\nifslkl.sys (National Instruments Corporation)

DRV - (nistcrk) -- C:\WINDOWS\system32\drivers\nistcrkl.sys (National Instruments Corporation)

DRV - (nicdrk) -- C:\WINDOWS\system32\drivers\nicdrkl.sys (National Instruments Corporation)

DRV - (nistc2k) -- C:\WINDOWS\system32\drivers\nistc2kl.sys (National Instruments Corporation)

DRV - (nidmxfk) -- C:\WINDOWS\system32\drivers\nidmxfkl.sys (National Instruments Corporation)

DRV - (nimxpk) -- C:\WINDOWS\system32\drivers\nimxpkl.sys (National Instruments Corporation)

DRV - (nimstsk) -- C:\WINDOWS\system32\drivers\nimstskl.sys (National Instruments Corporation)

DRV - (nirfsa2k) -- C:\WINDOWS\system32\drivers\niRFSA2kl.sys (National Instruments Corporation)

DRV - (nimsrlk) -- C:\WINDOWS\system32\drivers\nimsrlk.dll (National Instruments Corporation)

DRV - (nimslk) -- C:\WINDOWS\system32\drivers\nimslk.dll (National Instruments Corporation)

DRV - (nisldk) -- C:\WINDOWS\system32\drivers\nisldkl.sys (National Instruments Corporation)

DRV - (nisrcdk) -- C:\WINDOWS\system32\drivers\nisrcdkl.sys (National Instruments Corporation)

DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)

DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)

DRV - (NETw4x32) Intel® -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)

DRV - (nidmmk) -- C:\WINDOWS\system32\drivers\nidmmk.dll (National Instruments Corporation)

DRV - (Nidaq32k) -- C:\WINDOWS\System32\drivers\nidaq32k.sys (National Instruments Corporation)

DRV - (nistck) -- C:\WINDOWS\system32\drivers\niSTCk.dll (National Instruments Corporation)

DRV - (nimdsk) -- C:\WINDOWS\system32\drivers\nimdsk.dll (National Instruments Corporation)

DRV - (nibffrk) -- C:\WINDOWS\system32\drivers\nibffrk.dll (National Instruments Corporation)

DRV - (niarbk) -- C:\WINDOWS\system32\drivers\niarbk.dll (National Instruments Corporation)

DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)

DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)

DRV - (gpibprtk) -- C:\WINDOWS\system32\drivers\gpibprtk.sys (National Instruments Corporation)

DRV - (ni488lock) -- C:\WINDOWS\system32\drivers\ni488lock.sys (National Instruments Corporation)

DRV - (nitnr2k) -- C:\WINDOWS\system32\drivers\nitnr2kl.sys (National Instruments Corporation)

DRV - (nidwgk) -- C:\WINDOWS\system32\drivers\nidwgkl.sys (National Instruments Corporation)

DRV - (nigplk) -- C:\WINDOWS\system32\drivers\nigplkl.sys (National Instruments Corporation)

DRV - (TVTPktFilter) -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys (Lenovo Group Limited)

DRV - (lvalarmk) -- C:\WINDOWS\system32\drivers\lvalarmk.sys (National Instruments Corporation)

DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)

DRV - (Sntnlusb) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (Rainbow Technologies Inc.)

DRV - (Sentinel) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)

DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\tkbtnpn.sys (Lenovo)

DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.)

DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)

DRV - (DS1410D) -- C:\WINDOWS\system32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (SIF32X) -- C:\WINDOWS\system32\drivers\SiF32x.sys (Silicon Laboratories)

DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)

DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)

DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)

DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)

DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)

DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)

DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)

DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)

DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)

DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)

DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)

DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)

DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)

DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (TwoTrack) -- C:\WINDOWS\system32\drivers\TwoTrack.sys (IBM Corporation)

DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2

FF - prefs.js..extensions.enabledItems: {CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}:1.5.2.35

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1

FF - prefs.js..extensions.enabledItems: npminuwet@uwaterloo.ca:2.0.0.1

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.13

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/17 10:21:06 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/07 19:12:16 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/05 08:00:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/05 08:00:57 | 000,000,000 | ---D | M]

[2008/08/27 19:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Extensions

[2008/08/27 19:33:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/10/04 10:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions

[2009/08/18 09:28:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/03/14 23:10:24 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}

[2010/05/11 09:03:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009/09/13 06:43:30 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2009/07/13 09:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nzahirov\Application Data\Mozilla\Firefox\Profiles\mb4v5p2v.default\extensions\npminuwet@uwaterloo.ca

[2010/10/04 10:16:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/10/05 08:00:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2008/09/08 20:26:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

[2008/10/26 17:33:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

[2008/12/07 19:12:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

[2009/11/08 11:04:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

[2010/10/05 08:00:39 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll

[2010/10/05 08:00:39 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll

[2010/02/04 21:35:19 | 000,027,960 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll

[2010/02/04 21:35:20 | 000,126,344 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll

[2009/08/06 10:57:58 | 000,046,408 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\atmccli.dll

[2010/02/04 21:35:29 | 000,098,696 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\ieatgpc.dll

[2009/05/01 17:02:48 | 001,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll

[2009/08/06 10:57:12 | 000,061,840 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll

[2009/10/11 05:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll

[2008/09/15 20:11:52 | 001,335,600 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll

[2008/09/15 20:12:12 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

[2010/06/25 13:57:18 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv2010win32.dll

[2006/01/23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV80Win32.dll

[2007/02/08 10:48:16 | 000,028,448 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\NPLV82Win32.dll

[2007/07/24 19:03:42 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv85win32.dll

[2008/12/10 14:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv86win32.dll

[2010/05/25 12:43:16 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files\Mozilla Firefox\plugins\nplv90win32.dll

[2010/10/05 08:00:50 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll

[2009/12/21 19:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

[2009/09/09 22:07:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

[2009/09/03 11:53:00 | 000,030,912 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

[2009/05/01 17:02:48 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll

[2010/10/05 08:00:52 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml

[2010/10/05 08:00:52 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml

[2010/10/05 08:00:52 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml

[2010/10/05 08:00:52 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml

[2010/10/05 08:00:52 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml

[2010/10/05 08:00:52 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

[2010/10/05 08:00:52 | 000,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/09/30 15:07:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [bLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()

O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)

O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [installValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files\National Instruments\Shared\NIUninstaller\InstallValidator.exe ()

O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [LENTBCTL] C:\Program Files\ThinkPad\Tablet Shortcut\LENTBCTL.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)

O4 - HKLM..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe (National Instruments Corporation)

O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [TabletButton] C:\Program Files\ThinkPad\Tablet Shortcut\TabletButton.EXE (Lenovo Group Limited )

O4 - HKLM..\Run: [TabletTip] C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe (Microsoft Corporation)

O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)

O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)

O4 - HKLM..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TSMResident] C:\Program Files\ThinkPad\Tablet Shortcut\TSMRESIDENT.EXE (Lenovo Group Limited)

O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Google Update] C:\Documents and Settings\nzahirov\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)

O4 - Startup: C:\Documents and Settings\nzahirov\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} http://download.ppstream.com/bin/powerplayer.cab (PowerList Control)

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/as...abs/tgctlsr.cab (Symantec Script Runner Class)

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.3.7.cab (DLM Control)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupd...b?1211688977287 (WUWebControl Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\OrCAD\OrCAD_10.5\tools\capture\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\OrCAD\OrCAD_10.5\tools\capture\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\WINDOWS\system32\acaptuser32.dll) - C:\WINDOWS\system32\acaptuser32.dll (Adobe Systems, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\loginkey: DllName - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\TabBtnWL: DllName - TabBtnWL.dll - C:\WINDOWS\System32\tabbtnwl.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()

O20 - Winlogon\Notify\tpgwlnotify: DllName - tpgwlnot.dll - C:\WINDOWS\System32\tpgwlnot.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/04/30 19:14:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found

O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

[Nzah]

========== Files/Folders - Created Within 30 Days ==========

[2010/10/04 21:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nzahirov\Desktop\LabVIEW 2009

[2010/10/04 20:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2010/10/04 19:49:06 | 000,000,000 | ---D | C] -- C:\_OTL

[2010/10/04 19:48:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\nzahirov\Desktop\OTL.exe

[2010/10/04 10:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2010/10/04 10:37:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

[2010/10/04 10:37:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010/10/04 10:25:44 | 000,167,936 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\wpshelper.sys

[2010/10/04 10:24:28 | 000,097,096 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SysPlant.sys

[2010/10/04 10:23:58 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS

[2010/10/04 10:23:58 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL

[2010/10/04 10:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2010/09/30 13:49:15 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/09/30 13:44:37 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/09/30 13:44:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/09/30 13:44:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/09/30 13:44:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/09/30 13:42:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/09/30 13:38:51 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/09/30 09:01:23 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll

[2010/09/30 09:01:19 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll

[2010/09/30 09:01:10 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe

[2010/09/30 09:00:55 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe

[2010/09/30 09:00:50 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys

[2010/09/30 09:00:49 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys

[2010/09/30 09:00:45 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys

[2010/09/30 09:00:44 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll

[2010/09/30 09:00:33 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys

[2010/09/30 09:00:31 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys

[2010/09/30 09:00:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys

[2010/09/30 09:00:19 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys

[2010/09/30 09:00:14 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll

[2010/09/30 09:00:13 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2010/09/30 09:00:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2010/09/30 09:00:08 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys

[2010/09/30 09:00:07 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys

[2010/09/30 09:00:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys

[2010/09/30 09:00:02 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys

[2010/09/30 09:00:00 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys

[2010/09/30 08:59:59 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys

[2010/09/30 08:59:58 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys

[2010/09/30 08:59:57 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2010/09/30 08:59:56 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys

[2010/09/30 08:59:55 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys

[2010/09/30 08:59:54 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys

[2010/09/30 08:59:49 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys

[2010/09/30 08:59:45 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys

[2010/09/30 08:59:41 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys

[2010/09/30 08:59:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2010/09/30 08:59:40 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2010/09/30 08:59:40 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2010/09/30 08:59:39 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2010/09/30 08:59:35 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys

[2010/09/30 08:59:31 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys

[2010/09/30 08:59:26 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys

[2010/09/30 08:59:22 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys

[2010/09/30 08:59:18 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys

[2010/09/30 08:59:12 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys

[2010/09/30 08:59:08 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys

[2010/09/30 08:59:04 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys

[2010/09/30 08:59:00 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys

[2010/09/30 08:58:56 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys

[2010/09/30 08:58:52 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys

[2010/09/30 08:58:48 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys

[2010/09/30 08:58:44 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys

[2010/09/30 08:58:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys

[2010/09/30 08:58:41 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys

[2010/09/30 08:58:39 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys

[2010/09/30 08:58:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll

[2010/09/30 08:58:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll

[2010/09/30 08:58:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll

[2010/09/30 08:58:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll

[2010/09/30 08:58:17 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll

[2010/09/30 08:58:13 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys

[2010/09/30 08:58:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll

[2010/09/30 08:58:05 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll

[2010/09/30 08:58:01 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll

[2010/09/30 08:57:57 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll

[2010/09/30 08:57:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2010/09/30 08:57:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys

[2010/09/30 08:57:47 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll

[2010/09/30 08:57:43 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys

[2010/09/30 08:57:39 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll

[2010/09/30 08:57:35 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys

[2010/09/30 08:57:31 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll

[2010/09/30 08:57:27 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys

[2010/09/30 08:57:22 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys

[2010/09/30 08:57:19 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys

[2010/09/30 08:57:15 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys

[2010/09/30 08:57:10 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys

[2010/09/30 08:57:08 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll

[2010/09/30 08:57:04 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys

[2010/09/30 08:57:00 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll

[2010/09/30 08:56:59 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys

[2010/09/30 08:56:58 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2010/09/30 08:56:55 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys

[2010/09/30 08:56:51 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys

[2010/09/30 08:56:51 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2010/09/30 08:56:50 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2010/09/30 08:56:46 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys

[2010/09/30 08:56:42 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys

[2010/09/30 08:56:38 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys

[2010/09/30 08:56:34 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll

[2010/09/30 08:56:29 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll

[2010/09/30 08:56:25 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys

[2010/09/30 08:56:22 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys

[2010/09/30 08:56:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll

[2010/09/30 08:56:15 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll

[2010/09/30 08:56:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll

[2010/09/30 08:56:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll

[2010/09/30 08:56:03 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll

[2010/09/30 08:56:00 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll

[2010/09/30 08:55:56 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys

[2010/09/30 08:55:52 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys

[2010/09/30 08:55:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2010/09/30 08:55:47 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys

[2010/09/30 08:55:43 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2010/09/30 08:55:43 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll

[2010/09/30 08:55:38 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll

[2010/09/30 08:55:34 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys

[2010/09/30 08:55:30 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll

[2010/09/30 08:55:26 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys

[2010/09/30 08:55:23 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys

[2010/09/30 08:55:19 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll

[2010/09/30 08:55:16 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys

[2010/09/30 08:55:12 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys

[2010/09/30 08:55:11 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll

[2010/09/30 08:55:11 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys

[2010/09/30 08:55:07 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys

[2010/09/30 08:55:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2010/09/30 08:55:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2010/09/30 08:55:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2010/09/30 08:55:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2010/09/30 08:55:00 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys

[2010/09/30 08:55:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2010/09/30 08:54:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2010/09/30 08:54:56 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll

[2010/09/30 08:54:52 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys

[2010/09/30 08:54:48 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys

[2010/09/30 08:54:45 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys

[2010/09/30 08:54:41 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys

[2010/09/30 08:54:40 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys

[2010/09/30 08:54:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2010/09/30 08:54:39 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys

[2010/09/30 08:54:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll

[2010/09/30 08:54:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll

[2010/09/30 08:54:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2010/09/30 08:54:28 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2010/09/30 08:54:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll

[2010/09/30 08:54:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2010/09/30 08:54:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2010/09/30 08:54:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2010/09/30 08:54:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll

[2010/09/30 08:54:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2010/09/30 08:54:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2010/09/30 08:54:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2010/09/30 08:54:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2010/09/30 08:54:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2010/09/30 08:54:23 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2010/09/30 08:54:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2010/09/30 08:54:21 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys

[2010/09/30 08:54:17 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys

[2010/09/30 08:54:14 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys

[2010/09/30 08:54:10 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll

[2010/09/30 08:54:07 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys

[2010/09/30 08:54:06 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys

[2010/09/30 08:54:02 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll

[2010/09/30 08:53:59 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys

[2010/09/30 08:53:55 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll

[2010/09/30 08:53:52 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys

[2010/09/30 08:53:48 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll

[2010/09/30 08:53:45 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys

[2010/09/30 08:53:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2010/09/30 08:53:38 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys

[2010/09/30 08:53:34 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys

[2010/09/30 08:53:31 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys

[2010/09/30 08:53:27 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll

[2010/09/30 08:53:24 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys

[2010/09/30 08:53:19 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys

[2010/09/30 08:53:16 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys

[2010/09/30 08:53:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2010/09/30 08:53:11 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys

[2010/09/30 08:53:10 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys

[2010/09/30 08:53:07 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys

[2010/09/30 08:53:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2010/09/30 08:53:03 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys

[2010/09/30 08:52:59 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys

[2010/09/30 08:52:55 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys

[2010/09/30 08:52:52 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys

[2010/09/30 08:52:50 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys

[2010/09/30 08:52:47 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll

[2010/09/30 08:52:43 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys

[2010/09/30 08:52:39 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll

[2010/09/30 08:52:36 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys

[2010/09/30 08:52:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll

[2010/09/30 08:52:29 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys

[2010/09/30 08:52:25 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll

[2010/09/30 08:52:22 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll

[2010/09/30 08:52:19 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll

[2010/09/30 08:52:15 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys

[2010/09/30 08:52:12 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll

[2010/09/30 08:52:08 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys

[2010/09/30 08:52:05 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys

[2010/09/30 08:52:01 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll

[2010/09/30 08:51:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll

[2010/09/30 08:51:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2010/09/30 08:51:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2010/09/30 08:51:56 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll

[2010/09/30 08:51:55 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll

[2010/09/30 08:51:54 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys

[2010/09/30 08:51:50 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys

[2010/09/30 08:51:47 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys

[2010/09/30 08:51:43 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll

[2010/09/30 08:51:39 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys

[2010/09/30 08:51:37 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys

[2010/09/30 08:51:33 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys

[2010/09/30 08:51:29 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll

[2010/09/30 08:51:29 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2010/09/30 08:51:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2010/09/30 08:51:22 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys

[2010/09/30 08:51:18 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys

[2010/09/30 08:51:15 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys

[2010/09/30 08:51:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll

[2010/09/30 08:51:08 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys

[2010/09/30 08:51:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2010/09/30 08:51:07 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2010/09/30 08:51:05 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys

[2010/09/30 08:51:00 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys

[2010/09/30 08:50:57 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys

[2010/09/30 08:50:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys

[2010/09/30 08:50:52 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll

[2010/09/30 08:50:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll

[2010/09/30 08:50:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll

[2010/09/30 08:50:40 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys

[2010/09/30 08:50:38 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys

[2010/09/30 08:50:34 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys

[2010/09/30 08:50:33 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys

[2010/09/30 08:50:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys

[2010/09/30 08:50:29 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2010/09/30 08:50:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2010/09/30 08:50:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2010/09/30 08:50:24 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll

[2010/09/30 08:50:20 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys

[2010/09/30 08:50:17 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys

[2010/09/30 08:50:13 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys

[2010/09/30 08:50:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys

[2010/09/30 08:50:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll

[2010/09/30 08:50:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax

[2010/09/30 08:50:03 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2010/09/30 08:50:02 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll

[2010/09/30 08:50:01 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys

[2010/09/30 08:50:00 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll

[2010/09/30 08:49:59 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys

[2010/09/30 08:49:58 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys

[2010/09/30 08:49:54 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe

[2010/09/30 08:49:51 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys

[2010/09/30 08:49:48 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys

[2010/09/30 08:49:44 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys

[2010/09/30 08:49:41 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys

[2010/09/30 08:49:40 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys

[2010/09/30 08:49:37 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys

[2010/09/30 08:49:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2010/09/30 08:49:35 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll

[2010/09/30 08:49:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll

[2010/09/30 08:49:31 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll

[2010/09/30 08:49:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll

[2010/09/30 08:49:24 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys

[2010/09/30 08:49:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe

[2010/09/30 08:49:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll

[2010/09/30 08:49:15 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys

[2010/09/30 08:49:11 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll

[2010/09/30 08:49:08 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys

[2010/09/30 08:49:05 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys

[2010/09/30 08:49:01 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys

[2010/09/30 08:48:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys

[2010/09/30 08:48:55 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys

[2010/09/30 08:48:52 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys

[2010/09/30 08:48:48 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys

[2010/09/30 08:48:45 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys

[2010/09/30 08:48:39 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys

[2010/09/30 08:48:35 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll

[2010/09/30 08:48:30 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys

[2010/09/30 08:48:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2010/09/30 08:48:26 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys

[2010/09/30 08:48:22 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys

[2010/09/30 08:48:21 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys

[2010/09/30 08:48:17 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys

[2010/09/30 08:48:14 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys

[2010/09/30 08:48:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2010/09/30 08:48:10 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys

[2010/09/30 08:48:09 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys

[2010/09/30 08:48:05 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys

[2010/09/30 08:48:01 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys

[2010/09/30 08:47:58 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll

[2010/09/30 08:47:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys

[2010/09/30 08:47:50 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll

[2010/09/30 08:47:47 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys

[2010/09/30 08:47:44 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys

[2010/09/30 08:47:41 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll

[2010/09/30 08:47:38 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys

[2010/09/30 08:47:34 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll

[2010/09/30 08:47:31 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys

[2010/09/30 08:47:28 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys

[2010/09/30 08:47:25 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys

[2010/09/30 08:47:22 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll

[2010/09/30 08:47:19 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys

[2010/09/30 08:47:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll

[2010/09/30 08:47:13 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys

[2010/09/30 08:47:12 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll

[2010/09/30 08:47:09 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys

[2010/09/30 08:47:03 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys

[2010/09/30 08:46:59 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys

[2010/09/30 08:46:53 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys

[2010/09/30 08:46:52 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex

[2010/09/30 08:46:52 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys

[2010/09/30 08:46:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll

[2010/09/30 08:46:45 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys

[2010/09/30 08:46:42 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys

[2010/09/30 08:46:35 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys

[2010/09/30 08:46:31 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys

[2010/09/30 08:46:26 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys

[2010/09/30 08:46:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe

[2010/09/30 08:46:22 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys

[2010/09/30 08:46:19 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll

[2010/09/30 08:46:18 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2010/09/30 08:46:18 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2010/09/30 08:46:17 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys

[2010/09/30 08:46:14 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll

[2010/09/30 08:46:11 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys

[2010/09/30 08:46:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2010/09/30 08:46:07 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys

[2010/09/30 08:46:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2010/09/30 08:46:03 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys

[2010/09/30 08:45:59 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys

[2010/09/30 08:45:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll

[2010/09/30 08:45:53 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll

[2010/09/30 08:45:50 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys

[2010/09/30 08:45:50 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys

[2010/09/30 08:45:47 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys

[2010/09/30 08:45:44 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys

[2010/09/30 08:45:43 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys

[2010/09/30 08:45:43 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys

[2010/09/30 08:45:40 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys

[2010/09/30 08:45:39 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys

[2010/09/30 08:45:36 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys

[2010/09/30 08:45:33 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys

[2010/09/30 08:45:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2010/09/30 08:45:29 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys

[2010/09/30 08:45:26 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys

[2010/09/30 08:45:23 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys

[2010/09/30 08:45:19 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys

[2010/09/30 08:45:19 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys

[2010/09/30 08:45:16 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys

[2010/09/30 08:45:13 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys

[2010/09/30 08:45:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll

[2010/09/30 08:45:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2010/09/30 08:45:07 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll

[2010/09/30 08:45:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll

[2010/09/30 08:45:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll

[2010/09/30 08:45:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2010/09/30 08:45:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2010/09/30 08:45:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2010/09/30 08:44:59 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll

[2010/09/30 08:44:57 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll

[2010/09/30 08:44:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll

[2010/09/30 08:44:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll

[2010/09/30 08:44:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll

[2010/09/30 08:44:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll

[2010/09/30 08:44:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2010/09/30 08:44:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll

[2010/09/30 08:44:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2010/09/30 08:44:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2010/09/30 08:44:37 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys

[2010/09/30 08:44:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll

[2010/09/30 08:44:34 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys

[2010/09/30 08:44:31 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys

[2010/09/30 08:44:30 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe

[2010/09/30 08:44:30 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys

[2010/09/30 08:44:25 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys

[2010/09/30 08:44:22 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll

[2010/09/30 08:44:20 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys

[2010/09/30 08:44:17 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys

[2010/09/30 08:44:16 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2010/09/30 08:44:14 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll

[2010/09/30 08:44:13 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe

[2010/09/30 08:44:12 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe

[2010/09/30 08:44:10 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe

[2010/09/30 08:44:09 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2010/09/30 08:44:09 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2010/09/30 08:44:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

[2010/09/30 08:44:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2010/09/30 08:44:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2010/09/30 08:44:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2010/09/30 08:44:05 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2010/09/30 08:43:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll

[2010/09/30 08:43:55 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys

[2010/09/30 08:43:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll

[2010/09/30 08:43:50 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll

[2010/09/30 08:43:47 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys

[2010/09/30 08:43:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll

[2010/09/30 08:43:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll

[2010/09/30 08:43:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll

[2010/09/30 08:43:36 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys

[2010/09/30 08:43:34 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys

[2010/09/30 08:43:31 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys

[2010/09/30 08:43:28 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys

[2010/09/30 08:43:26 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll

[2010/09/30 08:43:23 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys

[2010/09/30 08:43:22 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys

[2010/09/30 08:43:21 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll

[2010/09/30 08:43:18 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys

[2010/09/30 08:43:16 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll

[2010/09/30 08:43:15 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll

[2010/09/30 08:43:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll

[2010/09/30 08:43:09 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys

[2010/09/30 08:43:06 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys

[2010/09/30 08:43:04 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys

[2010/09/30 08:43:01 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys

[2010/09/30 08:42:58 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys

[2010/09/30 08:42:56 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys

[2010/09/30 08:42:53 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys

[2010/09/30 08:42:50 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll

[2010/09/30 08:42:47 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys

[2010/09/30 08:42:45 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys

[2010/09/30 08:42:42 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys

[2010/09/30 08:42:40 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys

[2010/09/30 08:42:37 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys

[2010/09/30 08:42:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll

[2010/09/30 08:42:31 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys

[2010/09/30 08:42:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll

[2010/09/30 08:42:26 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll

[2010/09/30 08:42:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll

[2010/09/30 08:42:21 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll

[2010/09/30 08:42:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll

[2010/09/30 08:42:10 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll

[2010/09/30 08:42:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll

[2010/09/30 08:42:00 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll

[2010/09/30 08:41:55 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll

[2010/09/30 08:41:51 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys

[2010/09/30 08:41:49 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys

[2010/09/30 08:41:48 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys

[2010/09/30 08:41:45 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys

[2010/09/30 08:41:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll

[2010/09/30 08:41:43 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys

[2010/09/30 08:41:40 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys

[2010/09/30 08:41:38 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys

[2010/09/30 08:41:36 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys

[2010/09/30 08:41:36 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys

[2010/09/30 08:41:33 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys

[2010/09/30 08:41:31 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll

[2010/09/30 08:41:29 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys

[2010/09/30 08:41:27 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll

[2010/09/30 08:41:24 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys

[2010/09/30 08:41:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll

[2010/09/30 08:41:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe

[2010/09/30 08:41:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll

[2010/09/30 08:41:19 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll

[2010/09/30 08:41:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll

[2010/09/30 08:41:14 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys

[2010/09/30 08:41:11 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys

[2010/09/30 08:41:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2010/09/30 08:41:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll

[2010/09/30 08:41:07 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys

[2010/09/30 08:41:05 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys

[2010/09/30 08:41:03 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys

[2010/09/30 08:41:01 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys

[2010/09/30 08:40:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll

[2010/09/30 08:40:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2010/09/30 08:40:56 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys

[2010/09/30 08:40:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2010/09/30 08:40:49 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys

[2010/09/30 08:40:46 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys

[2010/09/30 08:40:44 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys

[2010/09/30 08:40:42 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys

[2010/09/30 08:40:40 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys

[2010/09/30 08:40:37 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys

[2010/09/30 08:40:35 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys

[2010/09/30 08:40:33 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2010/09/30 08:40:33 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2010/09/30 08:40:31 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll

[2010/09/30 08:40:29 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2010/09/30 08:40:29 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll

[2010/09/30 08:40:26 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll

[2010/09/30 08:40:26 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2010/09/30 08:40:24 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys

[2010/09/30 08:40:24 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll

[2010/09/30 08:40:21 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys

[2010/09/30 08:40:19 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys

[2010/09/30 08:40:17 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys

[2010/09/30 08:40:15 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys

[2010/09/30 08:40:13 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys

[2010/09/30 08:40:11 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys

[2010/09/30 08:40:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys

[2010/09/30 08:40:07 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys

[2010/09/30 08:40:05 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe

[2010/09/30 08:40:03 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe

[2010/09/30 08:40:01 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe

[2010/09/30 08:39:58 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys

[2010/09/30 08:39:56 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys

[2010/09/30 08:39:54 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys

[2010/09/30 08:39:53 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys

[2010/09/30 08:39:51 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys

[2010/09/30 08:39:47 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys

[2010/09/30 08:39:46 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys

[2010/09/30 08:39:44 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys

[2010/09/30 08:39:43 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys

[2010/09/30 08:39:41 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys

[2010/09/30 08:39:40 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys

[2010/09/30 08:39:39 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys

[2010/09/30 08:39:37 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys

[2010/09/30 08:39:36 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys

[2010/09/30 08:39:34 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys

[2010/09/30 08:39:33 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys

[2010/09/30 08:39:32 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys

[2010/09/30 08:39:30 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys

[2010/09/30 08:39:29 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys

[2010/09/30 08:39:27 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys

[2010/09/30 08:39:26 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys

[2010/09/30 08:39:25 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys

[2010/09/30 08:39:24 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll

[2010/09/30 08:39:23 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys

[2010/09/30 08:39:21 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys

[2010/09/30 08:39:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys

[2010/09/30 08:39:15 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys

[2010/09/30 08:39:13 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys

[2010/09/30 08:39:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys

[2010/09/30 08:39:11 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys

[2010/09/30 08:39:10 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys

[2010/09/30 08:39:07 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys

[2010/09/30 08:39:07 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys

[2010/09/30 08:39:06 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys

[2010/09/30 08:39:04 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys

[2010/09/30 08:38:59 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe

[2010/09/30 08:38:58 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll

[2010/09/30 08:38:57 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll

[2010/09/30 08:38:56 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll

[2010/09/30 08:38:54 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys

[2010/09/30 08:38:53 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe

[2010/09/30 08:38:51 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys

[2010/09/30 08:38:50 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll

[2010/09/30 08:38:49 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys

[2010/09/30 08:38:48 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll

[2010/09/30 08:38:47 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll

[2010/09/30 08:38:45 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll

[2010/09/30 08:38:44 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll

[2010/09/30 08:38:43 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys

[2010/09/30 08:38:42 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys

[2010/09/30 08:38:41 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll

[2010/09/30 08:38:39 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys

[2010/09/30 08:38:38 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll

[2010/09/30 08:38:36 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll

[2010/09/30 08:38:35 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys

[2010/09/30 08:38:33 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys

[2010/09/30 08:38:32 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys

[2010/09/30 08:38:31 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe

[2010/09/30 08:38:30 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll

[2010/09/30 08:38:28 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys

[2010/09/30 08:38:27 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys

[2010/09/30 08:38:25 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll

[2010/09/30 08:38:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll

[2010/09/30 08:38:23 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys

[2010/09/30 08:38:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll

[2010/09/30 08:38:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll

[2010/09/30 08:38:18 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys

[2010/09/30 08:38:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll

[2010/09/30 08:38:15 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys

[2010/09/30 08:38:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll

[2010/09/30 08:38:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll

[2010/09/30 08:38:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys

[2010/09/30 08:38:11 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll

[2010/09/30 08:38:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys

[2010/09/30 08:38:08 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys

[2010/09/30 08:38:08 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys

[2010/09/30 08:38:07 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys

[2010/09/30 08:38:06 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys

[2010/09/30 08:38:04 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys

[2010/09/30 08:38:03 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys

[2010/09/30 08:38:02 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys

[2010/09/30 08:38:01 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys

[2010/09/30 08:38:00 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll

[2010/09/30 08:37:59 | 000,249,856 | ---- | C] (Comtrol

[Nzah]

========== Files Created - No Company Name ==========

[2010/10/04 23:03:04 | 000,111,472 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\https___web.ticketking.com_TK_printer.pdf

[2010/10/04 11:57:04 | 000,002,316 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Google Chrome.lnk

[2010/10/04 11:57:04 | 000,002,294 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2010/10/04 10:23:58 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT

[2010/10/04 10:23:58 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF

[2010/09/30 13:49:22 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/09/30 13:49:16 | 000,260,272 | RHS- | C] () -- C:\cmldr

[2010/09/30 13:44:37 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/09/30 13:44:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/09/30 13:44:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/09/30 13:44:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/09/30 13:44:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/09/30 09:01:18 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll

[2010/09/30 09:01:14 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe

[2010/09/30 09:00:55 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls

[2010/09/30 08:50:48 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax

[2010/09/30 08:50:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll

[2010/09/30 08:50:39 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls

[2010/09/30 08:50:39 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls

[2010/09/30 08:46:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax

[2010/09/30 08:45:12 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls

[2010/09/30 08:45:09 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2010/09/30 08:44:07 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2010/09/30 08:42:18 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll

[2010/09/30 08:42:13 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll

[2010/09/30 08:42:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll

[2010/09/30 08:42:02 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll

[2010/09/30 08:41:57 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll

[2010/09/30 08:41:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2010/09/30 08:39:03 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll

[2010/09/30 08:39:02 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll

[2010/09/30 08:39:01 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll

[2010/09/30 08:37:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls

[2010/09/30 08:37:12 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls

[2010/09/30 08:37:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls

[2010/09/30 08:37:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls

[2010/09/30 08:37:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls

[2010/09/30 08:37:10 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls

[2010/09/30 08:37:10 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls

[2010/09/30 08:37:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls

[2010/09/30 08:37:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls

[2010/09/30 08:37:09 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls

[2010/09/30 08:37:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls

[2010/09/30 08:37:08 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls

[2010/09/30 08:37:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls

[2010/09/30 08:37:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls

[2010/09/30 08:37:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls

[2010/09/30 08:37:04 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls

[2010/09/30 08:37:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls

[2010/09/30 08:37:03 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls

[2010/09/30 08:37:03 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls

[2010/09/30 08:37:03 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls

[2010/09/30 08:37:03 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls

[2010/09/30 08:37:02 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls

[2010/09/30 08:37:02 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls

[2010/09/30 08:37:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls

[2010/09/30 08:37:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls

[2010/09/30 08:36:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls

[2010/09/30 08:36:58 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls

[2010/09/30 08:36:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls

[2010/09/30 08:36:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls

[2010/09/30 08:36:57 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls

[2010/09/30 08:36:57 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls

[2010/09/30 08:36:57 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls

[2010/09/30 08:36:43 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls

[2010/09/30 08:36:41 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls

[2010/09/30 08:36:30 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys

[2010/09/30 08:36:29 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys

[2010/09/30 08:36:29 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys

[2010/09/30 08:36:28 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys

[2010/09/30 08:36:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys

[2010/09/30 08:36:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys

[2010/09/30 08:36:26 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys

[2010/09/30 08:36:26 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys

[2010/09/30 08:36:24 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys

[2010/09/30 08:36:20 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys

[2010/09/30 07:59:09 | 3211,046,912 | -HS- | C] () -- C:\hiberfil.sys

[2010/09/29 14:52:24 | 141,302,368 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\ICP420.exe

[2010/09/29 13:07:10 | 379,430,944 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\visa462full.exe

[2010/09/28 21:57:08 | 000,059,205 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Marking Scheme F2010.pdf

[2010/09/28 21:56:15 | 000,012,015 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Marking Scheme F2010.docx

[2010/09/28 21:06:27 | 000,142,673 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\Unfiled Notes.pdf

[2010/09/28 17:05:49 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Measurement & Automation.lnk

[2010/09/27 20:23:48 | 000,002,058 | ---- | C] () -- C:\Documents and Settings\nzahirov\.recently-used.xbel

[2010/09/16 04:12:04 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\nzahirov\Desktop\HijackThis.lnk

[2010/08/25 21:21:50 | 000,000,024 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2010/08/20 08:49:09 | 001,044,056 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

[2010/07/09 14:43:04 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\usbiun2k.ini

[2010/07/09 11:16:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nidmfpan.ini

[2010/06/10 14:46:20 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\nirpc.ini

[2010/06/02 18:44:54 | 000,003,520 | ---- | C] () -- C:\WINDOWS\System32\nipalpg.dll

[2009/11/16 20:56:50 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\WMIMPLEX.dll

[2009/11/16 20:56:50 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\maplec.dll

[2009/11/16 20:56:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\maplecompat.dll

[2009/11/12 10:10:43 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\analyzer.set

[2009/10/21 09:29:45 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tmpFF.log

[2009/10/05 09:24:33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PerformaxCom.dll

[2009/09/16 17:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll

[2009/08/03 10:00:00 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\cvintdrv.sys

[2009/07/31 14:13:44 | 000,000,069 | ---- | C] () -- C:\WINDOWS\pxisys.ini

[2009/07/31 14:13:44 | 000,000,030 | ---- | C] () -- C:\WINDOWS\pxiesys.ini

[2009/07/07 11:47:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI

[2009/06/17 10:26:12 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tmp62.log

[2009/05/11 01:22:43 | 000,004,005 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\Comma Separated Values (Windows).NOT

[2009/05/11 00:55:12 | 000,029,246 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\Comma Separated Values (Windows).ADR

[2009/02/09 17:48:24 | 002,854,976 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2009/01/12 22:55:58 | 000,000,146 | ---- | C] () -- C:\WINDOWS\capture.INI

[2009/01/12 22:44:18 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/01/12 22:40:48 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL

[2009/01/12 22:37:44 | 000,903,168 | ---- | C] () -- C:\WINDOWS\System32\mitmdl30.dll

[2009/01/12 22:37:43 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\lffax60n.dll

[2009/01/12 22:37:43 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\lfpng60n.dll

[2009/01/12 22:37:43 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\lftif60n.dll

[2009/01/12 22:37:43 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\lfpcx60n.dll

[2009/01/12 22:37:43 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfpct60n.dll

[2009/01/12 22:37:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\lfpsd60n.dll

[2009/01/12 22:37:43 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lftga60n.dll

[2009/01/12 22:37:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwpg60n.dll

[2009/01/12 22:37:43 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\lfwmf60n.dll

[2009/01/12 22:37:43 | 000,018,432 | ---- | C] () -- C:\WINDOWS\System32\lfmsp60n.dll

[2009/01/12 22:37:43 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\lfmac60n.dll

[2009/01/12 22:37:42 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\lfcmp60n.dll

[2009/01/12 22:37:42 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\lfeps60n.dll

[2009/01/12 22:37:42 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\lfbmp60n.dll

[2009/01/12 21:57:24 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\PUTTY.RND

[2008/11/03 11:11:22 | 003,821,568 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\filesync.metadata

[2008/10/28 22:33:46 | 000,006,950 | ---- | C] () -- C:\Documents and Settings\nzahirov\Application Data\PrimoPDFSet.xml

[2008/10/28 22:29:28 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll

[2008/10/01 12:33:48 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\IntegMotorCANComm.dll

[2008/09/15 20:14:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008/09/15 20:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008/09/15 20:12:02 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008/09/15 20:11:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2008/09/08 23:25:34 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI

[2008/09/08 23:19:34 | 000,021,240 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll

[2008/09/08 23:19:34 | 000,013,560 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll

[2008/09/08 21:39:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\PUTTY.RND

[2008/08/09 17:55:52 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2008/08/09 17:55:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2008/08/09 17:55:47 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2008/08/09 17:55:46 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2008/08/09 17:55:42 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2008/08/09 17:55:42 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2008/06/23 15:18:05 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/06/12 14:11:46 | 000,000,013 | ---- | C] () -- C:\WINDOWS\msgtn.ini

[2008/06/12 14:11:09 | 000,000,639 | ---- | C] () -- C:\WINDOWS\Powerplayer.ini

[2008/06/12 14:11:04 | 000,000,693 | ---- | C] () -- C:\WINDOWS\psnetwork.ini

[2008/06/08 09:25:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\linecalc.INI

[2008/06/05 23:57:03 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\nzahirov\Local Settings\Application Data\fusioncache.dat

[2008/05/26 23:42:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ads.INI

[2008/05/25 11:13:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI

[2008/05/15 09:18:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008/05/15 08:40:19 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2008/05/15 08:40:19 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll

[2008/05/15 08:37:57 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS

[2008/05/15 08:36:49 | 000,106,496 | ---- | C] () -- C:\WINDOWS\stkbtnpn.dll

[2008/05/15 08:35:46 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[2008/04/28 12:13:33 | 000,000,310 | ---- | C] () -- C:\WINDOWS\primopdf.ini

[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2007/07/27 02:37:40 | 000,025,269 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI

[2007/07/27 02:37:29 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI

[2007/07/19 03:13:22 | 000,049,696 | ---- | C] () -- C:\WINDOWS\System32\nispdu.dll

[2007/07/19 02:32:30 | 000,049,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\nispdk.dll

[2007/07/19 02:32:24 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\niscdrau.dll

[2007/07/18 15:17:24 | 000,066,080 | ---- | C] () -- C:\WINDOWS\System32\cfswitch.dll

[2007/04/16 17:22:06 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\nipxiini.dll

[2007/04/16 16:52:36 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\niidaqlv.dll

[2006/09/14 12:59:23 | 001,490,999 | ---- | C] () -- C:\WINDOWS\System32\tkbtnpn1.dll

[2006/09/12 15:45:14 | 000,012,653 | ---- | C] () -- C:\WINDOWS\System32\GPIB.DLL

[2006/09/05 17:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL

[2006/06/13 16:35:32 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[2006/04/30 19:36:03 | 000,004,670 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2005/02/17 11:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest

[2005/02/17 11:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest

[2002/02/27 11:41:28 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll

[2002/02/27 11:41:26 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll

[2002/02/27 11:41:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll

[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[1999/11/04 11:00:38 | 000,001,840 | ---- | C] () -- C:\WINDOWS\System32\niidaqs.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86

< End of report >

[kahdah]

=======Cleanup=======

• Click START then RUN
  
• Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the Uninstall, it needs to be there.
  

======Next======

• Double click on OTL to run it.
  
• Click on the Cleanup button at the top.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  
• This will remove itself and other tools we may have used.
  

Delete\uninstall anything else that we have used that is leftover.

After that your all set.

===The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance===

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article Some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

"How did I get infected in the first place?" Also this one by Tony Klein.

If your computer is slow Is a tutorial on what you can do if your computer is slow.

File sharing program dangers Reasons to stay away from File sharing programs for ex: BitTorrent,Limewire,Kazaa,emule,Utorrent etc...

===Free antimalware tools used for on demand scanning and cleaning no real time unless purchased===

Malwarebytes Antimalware

superantispyware

===Free antivirus links===

This is antivirus and antispyware.

Microsoft Security Essentials

This is free antispyware protection and Antivirus protection.

AVG free 9.0

This is just antivirus protection.

Antivir

This is antivirus and antispyware protection.

Avast