Bad Image Error Message - Free Antivirus Forum

Bad Image Error Message

BullGuard Antivirus Forum > Virus > Virus Questions > Bad Image Error Message

Forum Quick Jump

[ << Previous Thread | Next Thread >> ]

z61m
New Member

Date Joined Sep 2009
Total Posts : 22

Posted 11-4-2009 8:48 (GMT +1)

I recently started getting this error message every time an application opens on my computer:

"name of application".exe - Bad Image

The application or DLL c:\\WINDOWS\system32\pofikime.dll is not a valid Windows image. Please check this against your installation diskette.

I have noticed that each time it happens, it references the file pofikime.dll

How can I go about fixing this?

If you would like to see any log files, just let me know which ones (Malwarebytes has already been run and nothing found, GMER does not like to run on my system, it usually freezes).

Thanks in advance for any advice.

Post Edited (z61m) : 05-11-2009 20:34:45 GMT

Jintan
Senior Member

Date Joined Dec 2006
Total Posts : 925

Posted 11-5-2009 2:05 (GMT +1)

Hello z61m,

Best guess is some partially removed malware still has it's settings interfering with things. Let's get some details to work from here. If you would, do me a favor and click the small pencil icon in your last post, and remove that oversized graphic you posted. In my browser it causes a severe left-right scroll effect.

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.

Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

--------------

Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.

If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

Click here and help my friend help stop leukemia, lymphoma, Hodgkin lymphoma and myeloma from taking more lives.

z61m
New Member

Date Joined Sep 2009
Total Posts : 22

Posted 11-5-2009 9:42 (GMT +1)

RSIT log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Christopher at 2009-11-05 15:36:22
Microsoft Windows XP Professional Service Pack 3
System drive C: has 39 GB (43%) free of 89 GB
Total RAM: 1022 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:36:43 PM, on 11/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\adm\IUService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
c:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Documents and Settings\Christopher\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Christopher.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.226 winguard2009.microsoft.com
O1 - Hosts: 91.212.127.226 winguard-2009.com
O1 - Hosts: 91.212.127.226 www.winguard-2009.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\IBM\Java142\jre\bin\NPJPI142.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/us/en/
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234209937550
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234212194375
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: pofikime.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O21 - SSODL: metowayan - {db01e058-b7d1-4e62-9410-534cc5965aa7} - c:\windows\system32\dakomira.dll (file missing)
O22 - SharedTaskScheduler: mujuzedij - {db01e058-b7d1-4e62-9410-534cc5965aa7} - c:\windows\system32\dakomira.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (file missing)
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Unknown owner - C:\WINDOWS\system32\IPSSVC.EXE (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: Lenovo PSA Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe (file missing)
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\adm\IUService.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe (file missing)

--
End of file - 14593 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2006-02-14 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-02-14 512000]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2005-10-28 864256]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2005-11-07 106496]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2006-02-24 237568]
"TPHOTKEY"=C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe [2006-03-09 94208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2006-03-09 106496]
"AMSG"=C:\Program Files\ThinkVantage\AMSG\Amsg.exe [2005-11-14 487424]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-08-01 122940]
"ISUSScheduler"=c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"AwaySch"=C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [2006-03-09 69632]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2005-10-28 335872]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-03-01 196710]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2006-04-17 409600]
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2006-04-17 98304]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-05-29 52840]
"vptray"=C:\PROGRA~1\SYMANT~2\VPTray.exe [2007-06-06 125632]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2008-07-21 169312]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2006-11-09 2341632]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2006-11-09 503808]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"ISUSPM Startup"=c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-07-27 221184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="pofikime.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
c:\program files\thinkpad\connectutilities\ACNotify.dll [2006-04-17 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-25 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [2006-03-09 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2007-06-06 43712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2006-02-14 39936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
C:\WINDOWS\system32\notifyf2.dll [2005-07-06 28672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
metowayan - {db01e058-b7d1-4e62-9410-534cc5965aa7} - c:\windows\system32\dakomira.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
mujuzedij - {db01e058-b7d1-4e62-9410-534cc5965aa7} - c:\windows\system32\dakomira.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
nadeyamu.dll
puvovuma.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\MATLAB_SV71\bin\win32\MATLAB.exe"="C:\Program Files\MATLAB_SV71\bin\win32\MATLAB.exe:*:Disabled:MATLAB"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:explorer"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe"="C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe:*:Enabled:maxmenumgr"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ctfmon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe"="C:\Program Files\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d919866e-036b-11de-a8cd-0013027b28a8}]
shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e40029e5-f7c8-11dd-a8c3-0013027b28a8}]
shell\AutoRun\command - E:\Setup.EXE
shell\explore\command - E:\Setup.EXE
shell\open\command - E:\Setup.EXE

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-11-05 15:36:22 ----D---- C:\rsit
2009-11-03 23:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2009-11-03 23:00:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-02 09:51:42 ----D---- C:\Program Files\tijfow
2009-10-22 16:09:37 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2009-10-22 12:45:22 ----D---- C:\WINDOWS\pss
2009-10-19 13:26:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-19 13:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-19 13:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-19 13:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-19 13:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-19 13:19:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-19 13:17:11 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-19 13:17:11 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-19 13:17:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-19 13:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-19 13:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-12 14:58:38 ----D---- C:\Documents and Settings\Christopher\Application Data\Download Manager
2009-10-09 21:29:59 ----D---- C:\_SMA
2009-10-09 15:02:57 ----A---- C:\Documents and Settings\All Users\Application Data\tvt_userinfo.ini
2009-10-09 10:10:03 ----RSHD---- C:\RRbackups
2009-10-09 10:09:29 ----D---- C:\Documents and Settings\Christopher\Application Data\Lenovo
2009-10-09 10:05:26 ----D---- C:\SWTOOLS
2009-10-09 10:05:17 ----D---- C:\Program Files\SMI2
2009-10-09 10:05:09 ----D---- C:\Program Files\TVT SMBus
2009-10-09 10:05:06 ----D---- C:\Program Files\Common Files\Lenovo
2009-10-09 09:45:55 ----AD---- C:\SWSHARE
2009-10-08 21:25:12 ----AD---- C:\WINDOWS\system32\images
2009-10-08 19:55:08 ----D---- C:\WINDOWS\system32\schtml
2009-10-08 19:35:42 ----A---- C:\WINDOWS\usuceze.vbs
2009-10-08 19:35:42 ----A---- C:\WINDOWS\system32\urymorapuw.com
2009-10-08 19:35:42 ----A---- C:\WINDOWS\system32\aciva.vbs
2009-10-08 19:35:42 ----A---- C:\Program Files\Common Files\rifyqy.exe
2009-10-08 19:35:42 ----A---- C:\Documents and Settings\All Users\Application Data\inep.exe

======List of files/folders modified in the last 1 months======

2009-11-05 15:33:54 ----D---- C:\Program Files\Symantec AntiVirus
2009-11-05 12:34:42 ----D---- C:\WINDOWS\Prefetch
2009-11-05 11:23:27 ----D---- C:\WINDOWS\temp
2009-11-03 23:56:55 ----SHD---- C:\WINDOWS\Installer
2009-11-03 23:56:48 ----AD---- C:\WINDOWS
2009-11-03 23:56:21 ----A---- C:\WINDOWS\system32\PROCDB.INI
2009-11-03 23:50:16 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-03 23:50:04 ----D---- C:\Documents and Settings\Christopher\Application Data\WTablet
2009-11-03 23:49:16 ----AD---- C:\WINDOWS\system32
2009-11-03 23:48:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-03 23:03:12 ----HD---- C:\WINDOWS\inf
2009-11-03 23:03:01 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-11-02 22:03:58 ----RD---- C:\Program Files
2009-11-02 10:19:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-26 13:44:45 ----D---- C:\Documents and Settings\Christopher\Application Data\Adobe
2009-10-22 19:04:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-22 19:03:41 ----RSD---- C:\WINDOWS\assembly
2009-10-22 16:09:37 ----D---- C:\Program Files\Adobe
2009-10-22 16:08:19 ----D---- C:\Program Files\Common Files\Adobe
2009-10-22 16:08:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-10-22 12:34:22 ----D---- C:\WINDOWS\system32\CatRoot
2009-10-22 12:25:28 ----A---- C:\WINDOWS\OEWABLog.txt
2009-10-22 12:24:17 ----D---- C:\Program Files\Internet Explorer
2009-10-19 13:39:21 ----D---- C:\WINDOWS\WinSxS
2009-10-19 13:27:08 ----A---- C:\WINDOWS\imsins.BAK
2009-10-19 13:24:03 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-19 13:20:45 ----D---- C:\WINDOWS\system32\en-us
2009-10-19 13:20:31 ----D---- C:\WINDOWS\ie7updates
2009-10-17 21:31:14 ----A---- C:\WINDOWS\BlendSettings.ini
2009-10-12 19:03:14 ----RSD---- C:\WINDOWS\Fonts
2009-10-12 14:58:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-09 14:48:34 ----D---- C:\WINDOWS\system32\drivers
2009-10-09 10:08:57 ----D---- C:\Documents and Settings\All Users\Application Data\Lenovo
2009-10-09 10:05:24 ----D---- C:\Program Files\Lenovo
2009-10-09 10:05:23 ----D---- C:\WINDOWS\Help
2009-10-09 10:05:06 ----D---- C:\Program Files\Common Files
2009-10-09 10:04:41 ----D---- C:\Program Files\IBM ThinkVantage
2009-10-09 08:52:09 ----D---- C:\WINDOWS\Downloaded Installations
2009-10-08 19:20:14 ----SHD---- C:\System Volume Information
2009-10-08 14:57:02 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2009-10-08 14:57:00 ----A---- C:\WINDOWS\system32\oleacc.dll
2009-10-08 14:56:56 ----A---- C:\WINDOWS\system32\oleaccrc.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-11-08 11520]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-07-07 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-07-07 22684]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2005-06-20 4736]
R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-01-17 14848]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-03-28 189584]
R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-01-17 9343]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699]
R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2006-02-24 4442]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-05-15 7168]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-07-25 21275]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-01 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-01 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-01 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-01 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-01 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-01 87004]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-01 92700]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-07-07 40544]
R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 PROCDD;IPS Helper Driver; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-03-09 5120]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-04-14 13568]
R2 smi2;smi2; \??\C:\Program Files\SMI2\smi2.sys []
R2 smihlp;SMI helper driver; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys []
R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-01-31 176128]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-25 1522688]
R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-03-09 152064]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys [2005-12-06 936448]
R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys [2005-12-06 192512]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-11 10112]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091105.003\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20091105.003\navex15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-03-28 24208]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-02-14 177664]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-02-14 28800]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-11-09 17664]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R3 wacmoumonitor;Wacom Mode Helper; C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys [2008-03-17 15144]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2008-01-15 13480]
R3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 11440]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys [2005-12-06 670208]
S1 cvkpylpubdwfdbxt;cvkpylpubdwfdbxt; C:\WINDOWS\system32\drivers\cvkpylpubdwfdbxt.sys []
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 EraserUtilDrv10920;EraserUtilDrv10920; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 psadd;Lenovo PSA Driver; \??\C:\WINDOWS\system32\Drivers\psadd.sys []
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2009-01-15 43168]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2006-04-17 151552]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-25 405504]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-02 198336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2007-05-29 169576]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2007-06-06 31424]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-03-01 626810]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-04-14 114753]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-11 73782]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2008-07-21 193888]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-04-14 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-04-14 540745]
R2 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2007-06-06 116928]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2007-01-10 1160792]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2007-06-06 1821376]
R2 TabletServicePen;TabletServicePen; C:\WINDOWS\system32\Pen_Tablet.exe [2008-05-01 3032360]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2006-11-09 629504]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2005-06-20 77824]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2006-11-09 723712]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2006-11-09 1974272]
R2 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2006-11-09 950272]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\adm\IUService.exe [2006-11-09 45056]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2007-05-29 192104]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe []
S2 IPSSVC;IPS Core Service; C:\WINDOWS\system32\IPSSVC.EXE []
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe []
S2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe []
S2 UCLauncherService;ThinkVantage System Update; C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-03-07 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-12 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-02 2528960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PsaSrv;Lenovo PSA Driver Control; C:\WINDOWS\system32\PsaSrv.exe []
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2007-03-28 214672]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

RSIT info.txt:

info.txt logfile of random's system information tool 1.06 2009-11-05 15:36:50

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Access Help-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\SETUP.EXE" -l0x9 UNINSTALL
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->C:\Program Files\Common Files\Adobe\Installers\2a31ae7a5c43ff52d8577782dd34e04\Setup.exe --uninstall=1
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Setup-->MsiExec.exe /I{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{47A2A6D7-C198-4E57-A383-3D56315C53AD}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
AutoCAD 2008 - English-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-0409-0002-0060B0CE6BBA} /M ACAD
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Diskeeper Lite-->MsiExec.exe /X{8E726115-FCBE-43B1-9FB7-06E8E25F9ABE}
Help Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\SETUP.EXE" -l0x9 -AddRemove
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 5.3.B-->"C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
IBM 32-bit Runtime Environment for Java 2, v1.4.2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E922961C-6DB6-41DE-9FEA-426DF3E9F81C} /l1033
Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
Integrated camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe" -l0x9 -u
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
Interactive Heat Transfer V3-->C:\WINDOWS\IsUninst.exe -f"C:\Interactive Heat Transfer\Uninst.isu"
InterVideo WinDVD Creator-->"C:\Program Files\InstallShield Installation Information\{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MATLAB Student 7.1-->C:\Program Files\MATLAB_SV71\uninstall\uninstall.exe C:\Program Files\MATLAB_SV71\
Maxtor Manager-->"C:\Program Files\InstallShield Installation Information\{4D36E953-4456-4F8F-BC44-90BC4AA59889}\setup.exe" -runfromtemp -l0x0409 -removeonly
Maxtor Manager-->MsiExec.exe /I{4D36E953-4456-4F8F-BC44-90BC4AA59889}
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Message Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}\SETUP.EXE" -l0x9 -AddRemove
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
Oblivion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
Passware Kit Standard Demo 9.3-->MsiExec.exe /I{3B6DDEE1-736C-4A3D-B0AD-E4E7F1CB3D30}
PC-Doctor 5 for Windows-->C:\Program Files\PCDR5\uninst.exe
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Pen Tablet-->C:\Program Files\Tablet\Pen\Remove.exe /u
Photomatix Pro version 3.0.1-->"C:\Program Files\PhotomatixPro3\unins000.exe"
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}
PrimoPDF-->"C:\WINDOWS\PrimoPDF4\uninstall.exe" "/U:C:\Program Files\activePDF\PrimoPDF\Uninstall\uninstallPrimoPDF4.xml"
Productivity Center Supplement for ThinkPad-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\SETUP.EXE" -l0x9 -AddRemove
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Remove CU Configuration-->MsiExec.exe /I{80885BB6-BBAF-4667-8ADD-1D840C71ECFB}
Remove Multimedia Center-->C:\ibmtools\apps\recnow\sequencer.exe -fc:\ibmtools\apps\recnow\uninst.seq
Rescue and Recovery-->MsiExec.exe /I{7726CF62-7B45-4E6D-9266-615346816BCA}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Software Installer-->_tpiu000.exe /U
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Symantec AntiVirus-->MsiExec.exe /I{50E125D1-88E5-48CE-80AE-98EC9698E639}
System Migration Assistant-->MsiExec.exe /X{CA89B56F-E71B-4E08-82A9-580533E1C048}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033
ThinkPad Configuration-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad EasyEject Utility -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad FullScreen Magnifier-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.inf
ThinkPad Keyboard Customizer Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\SETUP.EXE" -l0x9 anything
ThinkPad Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\HXFSETUP.EXE -U -ITkp0588p.inf
ThinkPad PC Card Power Policy-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUnInstall 132 C:\IBMTOOLS\OSFIXES\PCMCIAPW\pcmciapw.inf
ThinkPad Power Management Driver-->RunDll32.exe tpinspm.dll,Uninstall
ThinkPad Power Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad Presentation Director-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ThinkPad\Utilities\UNNPDR.isu" -c"C:\Program Files\ThinkPad\Utilities\Tpinsnpd.dll"
ThinkPad UltraNav Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Wizard-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\SETUP.EXE" -l0x9 UNINSTALL
ThinkVantage Access Connections-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\SETUP.EXE" -l0x9 anything
ThinkVantage Active Protection System-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72806716-7088-41B2-8FA6-717A2A164DAB}\SETUP.EXE" -l0x9 anything
ThinkVantage Away Manager-->Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
ThinkVantage Productivity Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\SETUP.EXE" -l0x9 -AddRemove
ThinkVantage System Update-->MsiExec.exe /X{2A43FF29-0D97-4445-B82D-9324F176AED5}
ThinkVantage Technologies Welcome Message-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x9 anything
TrackPoint Accessibility Features-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\SETUP.EXE"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Update for Windows XP (KB943729)-->"C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VitalSource Bookshelf-->MsiExec.exe /I{0C841E07-5B9A-440F-A98C-CDF6388B459D}
Wallpapers-->MsiExec.exe /I{F386C340-DF4B-4BBA-9503-420FB7EDB395}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0 MUI pack-->"C:\WINDOWS\$NtUninstallKB926141$\spuninst\spuninst.exe"
Windows PowerShell(TM) 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XP Themes-->MsiExec.exe /I{6CE96A14-61E2-48CC-837E-22710A953ADE}

======Hosts File======

127.0.0.1 localhost
::1 localhost
91.212.127.226 winguard2009.microsoft.com
91.212.127.226 winguard-2009.com
91.212.127.226 www.winguard-2009.com

======Security center information======

AV: Symantec AntiVirus Corporate Edition

======System event log======

Computer Name: LENOVO-8D161A63
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0013027B28A8. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 23563
Source Name: Dhcp
Time Written: 20091030141429.000000-240
Event Type: warning
User:

Record Number: 23531
Source Name: Dhcp
Time Written: 20091030133744.000000-240
Event Type: warning
User:

Computer Name: LENOVO-8D161A63
Event Code: 256
Message: Timed out sending notification of device interface change to window of "IWMSWindow"

Record Number: 23527
Source Name: PlugPlayManager
Time Written: 20091030133734.000000-240
Event Type: warning
User:

Record Number: 23502
Source Name: Dhcp
Time Written: 20091030125316.000000-240
Event Type: warning
User:

Record Number: 23472
Source Name: Dhcp
Time Written: 20091029180528.000000-240
Event Type: warning
User:

=====Application event log=====