I'd already uninstalled Ad-Aware, and everything else seemed to go well. Since the first time I ran ComboFix my computer has been running really awfully, very slowly, but after running it again this time as you told me to and rebooting, it's back to its usual speed, thank goodness!
Here is the log.txt from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by dawn at 2010-10-22 13:02:02
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 109 GB (77%) free of 142 GB
Total RAM: 958 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:02:36 PM, on 10/22/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Users\dawn\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\dawn\Desktop\HijackThis\dawn.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bbc.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -
http://download.eset.com/special/eos/OnlineScanner.cabO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 5702 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll [2010-02-12 506720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\npwinext.dll [2010-02-12 506720]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-15 4390912]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"MSN Toolbar"=C:\Program Files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe [2010-02-12 240992]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-03 1862144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
C:\Windows\system32\nvsvc.dll [2008-05-03 526880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-15 4390912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-11-28 583048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2006-11-03 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE -b -l []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-10-22 13:02:02 ----D---- C:\rsit
2010-10-22 12:51:04 ----D---- C:\Windows\temp
2010-10-22 12:51:02 ----A---- C:\ComboFix.txt
2010-10-22 12:50:26 ----SHD---- C:\$RECYCLE.BIN
2010-10-22 12:31:17 ----A---- C:\Windows\SWXCACLS.exe
2010-10-22 12:31:13 ----D---- C:\32788R22FWJFW
2010-10-21 22:21:08 ----D---- C:\Windows\system32\eu-ES
2010-10-21 22:21:08 ----D---- C:\Windows\system32\ca-ES
2010-10-21 22:20:59 ----D---- C:\Windows\system32\vi-VN
2010-10-21 17:54:49 ----D---- C:\Windows\system32\EventProviders
2010-10-21 17:27:07 ----A---- C:\Windows\zip.exe
2010-10-21 17:27:07 ----A---- C:\Windows\SWSC.exe
2010-10-21 17:27:07 ----A---- C:\Windows\SWREG.exe
2010-10-21 17:27:07 ----A---- C:\Windows\sed.exe
2010-10-21 17:27:07 ----A---- C:\Windows\PEV.exe
2010-10-21 17:27:07 ----A---- C:\Windows\NIRCMD.exe
2010-10-21 17:27:07 ----A---- C:\Windows\MBR.exe
2010-10-21 17:27:07 ----A---- C:\Windows\grep.exe
2010-10-21 17:26:02 ----D---- C:\Qoobox
2010-10-21 09:16:12 ----A---- C:\Windows\system32\javaws.exe
2010-10-21 09:16:12 ----A---- C:\Windows\system32\javaw.exe
2010-10-21 09:16:12 ----A---- C:\Windows\system32\java.exe
2010-10-15 17:40:39 ----D---- C:\Program Files\Common Files\Adobe
2010-10-14 17:32:54 ----A---- C:\Windows\system32\wmp.dll
2010-10-14 17:32:52 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-14 17:32:15 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-14 17:32:14 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-14 17:32:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-14 17:32:14 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-14 17:32:11 ----A---- C:\Windows\system32\netevent.dll
2010-10-14 17:31:12 ----A---- C:\Windows\system32\schannel.dll
2010-10-14 17:31:07 ----A---- C:\Windows\system32\ole32.dll
2010-10-14 17:31:02 ----A---- C:\Windows\system32\t2embed.dll
2010-10-14 17:30:54 ----A---- C:\Windows\system32\mshtml.dll
2010-10-14 17:30:52 ----A---- C:\Windows\system32\ieframe.dll
2010-10-14 17:30:51 ----A---- C:\Windows\system32\urlmon.dll
2010-10-14 17:30:51 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-14 17:30:51 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-14 17:30:50 ----A---- C:\Windows\system32\wininet.dll
2010-10-14 17:30:50 ----A---- C:\Windows\system32\mstime.dll
2010-10-14 17:30:50 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-14 17:30:50 ----A---- C:\Windows\system32\iertutil.dll
2010-10-14 17:30:49 ----A---- C:\Windows\system32\occache.dll
2010-10-14 17:30:49 ----A---- C:\Windows\system32\ieUnatt.exe
2010-10-14 17:30:49 ----A---- C:\Windows\system32\ieui.dll
2010-10-14 17:30:49 ----A---- C:\Windows\system32\iesysprep.dll
2010-10-14 17:30:49 ----A---- C:\Windows\system32\iepeers.dll
2010-10-14 17:30:49 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-14 17:30:48 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-14 17:30:48 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-14 17:30:48 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-14 17:30:48 ----A---- C:\Windows\system32\iesetup.dll
2010-10-14 17:30:48 ----A---- C:\Windows\system32\iernonce.dll
2010-10-14 17:30:48 ----A---- C:\Windows\system32\ie4uinit.exe
2010-10-14 17:30:41 ----A---- C:\Windows\system32\mfc40.dll
2010-10-14 17:30:40 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-14 17:30:34 ----A---- C:\Windows\system32\win32k.sys
2010-10-14 17:30:24 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-14 17:30:18 ----A---- C:\Windows\system32\comctl32.dll
2010-10-12 12:19:48 ----D---- C:\Users\dawn\AppData\Roaming\Avira
2010-10-12 12:03:51 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-10-12 12:03:47 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-10-12 12:03:47 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-10-12 12:03:47 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-10-12 12:03:47 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-10-12 12:03:20 ----D---- C:\ProgramData\Avira
2010-10-12 12:03:20 ----D---- C:\Program Files\Avira
2010-10-05 17:54:39 ----D---- C:\Windows\Minidump
2010-09-29 11:12:42 ----A---- C:\Windows\system32\tzres.dll
2010-09-28 16:52:13 ----D---- C:\Program Files\MSN Toolbar
2010-09-28 16:49:39 ----D---- C:\Program Files\MSN Toolbar Installer
======List of files/folders modified in the last 1 months======
2010-10-22 13:01:08 ----D---- C:\Windows\System32
2010-10-22 13:01:08 ----D---- C:\Windows\inf
2010-10-22 13:01:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-22 12:57:34 ----D---- C:\Windows\Prefetch
2010-10-22 12:51:04 ----D---- C:\Windows
2010-10-22 12:46:16 ----A---- C:\Windows\system.ini
2010-10-22 12:42:41 ----D---- C:\Windows\system32\drivers
2010-10-22 12:42:41 ----D---- C:\Windows\AppPatch
2010-10-22 12:42:39 ----D---- C:\Program Files\Common Files
2010-10-22 09:37:56 ----SHD---- C:\System Volume Information
2010-10-22 09:37:04 ----D---- C:\Windows\system32\catroot
2010-10-22 09:36:59 ----D---- C:\Windows\winsxs
2010-10-22 09:35:22 ----D---- C:\Windows\system32\catroot2
2010-10-21 23:03:41 ----D---- C:\Program Files\Mozilla Firefox
2010-10-21 22:51:02 ----D---- C:\Windows\rescache
2010-10-21 22:49:24 ----D---- C:\Windows\Microsoft.NET
2010-10-21 22:48:53 ----RSD---- C:\Windows\assembly
2010-10-21 22:38:38 ----D---- C:\Boot
2010-10-21 22:26:29 ----D---- C:\Program Files\Windows Mail
2010-10-21 22:26:29 ----D---- C:\Program Files\Windows Calendar
2010-10-21 22:26:29 ----D---- C:\Program Files\Movie Maker
2010-10-21 22:26:25 ----D---- C:\Program Files\Windows Sidebar
2010-10-21 22:26:25 ----D---- C:\Program Files\Internet Explorer
2010-10-21 22:26:24 ----D---- C:\Program Files\Windows Media Player
2010-10-21 22:26:23 ----D---- C:\Program Files\Windows Collaboration
2010-10-21 22:26:18 ----D---- C:\Program Files\Windows Photo Gallery
2010-10-21 22:26:18 ----D---- C:\Program Files\Common Files\System
2010-10-21 22:26:03 ----D---- C:\Windows\servicing
2010-10-21 22:26:03 ----D---- C:\Program Files\Windows Defender
2010-10-21 22:25:27 ----D---- C:\Windows\IME
2010-10-21 22:25:25 ----D---- C:\Windows\system32\XPSViewer
2010-10-21 22:25:25 ----D---- C:\Windows\system32\sk-SK
2010-10-21 22:25:25 ----D---- C:\Windows\system32\lv-LV
2010-10-21 22:25:25 ----D---- C:\Windows\system32\hr-HR
2010-10-21 22:25:25 ----D---- C:\Windows\system32\et-EE
2010-10-21 22:25:25 ----D---- C:\Windows\system32\da-DK
2010-10-21 22:25:24 ----D---- C:\Windows\system32\ko-KR
2010-10-21 22:25:15 ----D---- C:\Windows\system32\en-US
2010-10-21 22:25:06 ----D---- C:\Windows\system32\de-DE
2010-10-21 22:25:05 ----D---- C:\Windows\system32\oobe
2010-10-21 22:25:05 ----D---- C:\Windows\system32\it-IT
2010-10-21 22:25:05 ----D---- C:\Windows\system32\el-GR
2010-10-21 22:25:03 ----D---- C:\Windows\system32\migration
2010-10-21 22:24:49 ----D---- C:\Windows\system32\ru-RU
2010-10-21 22:24:49 ----D---- C:\Windows\system32\AdvancedInstallers
2010-10-21 22:24:48 ----D---- C:\Windows\system32\sv-SE
2010-10-21 22:24:48 ----D---- C:\Windows\system32\setup
2010-10-21 22:24:48 ----D---- C:\Windows\system32\he-IL
2010-10-21 22:24:48 ----D---- C:\Windows\system32\fr-FR
2010-10-21 22:24:47 ----D---- C:\Windows\system32\pt-PT
2010-10-21 22:24:47 ----D---- C:\Windows\system32\hu-HU
2010-10-21 22:24:47 ----D---- C:\Windows\system32\fi-FI
2010-10-21 22:24:47 ----D---- C:\Windows\system32\cs-CZ
2010-10-21 22:24:46 ----D---- C:\Windows\system32\SLUI
2010-10-21 22:24:41 ----D---- C:\Windows\system32\zh-CN
2010-10-21 22:24:40 ----D---- C:\Windows\system32\sr-Latn-CS
2010-10-21 22:24:40 ----D---- C:\Windows\system32\manifeststore
2010-10-21 22:24:40 ----D---- C:\Windows\system32\es-ES
2010-10-21 22:24:40 ----D---- C:\Windows\system32\en
2010-10-21 22:24:39 ----D---- C:\Windows\system32\zh-TW
2010-10-21 22:24:39 ----D---- C:\Windows\system32\uk-UA
2010-10-21 22:24:39 ----D---- C:\Windows\system32\sl-SI
2010-10-21 22:24:39 ----D---- C:\Windows\system32\pl-PL
2010-10-21 22:24:39 ----D---- C:\Windows\system32\ja-JP
2010-10-21 22:24:38 ----D---- C:\Windows\system32\ro-RO
2010-10-21 22:24:38 ----D---- C:\Windows\system32\bg-BG
2010-10-21 22:24:34 ----D---- C:\Windows\system32\th-TH
2010-10-21 22:24:34 ----D---- C:\Windows\system32\drivers\en-US
2010-10-21 22:24:29 ----D---- C:\Windows\system32\tr-TR
2010-10-21 22:24:26 ----D---- C:\Windows\system32\wbem
2010-10-21 22:24:21 ----D---- C:\Windows\system32\nl-NL
2010-10-21 22:24:21 ----D---- C:\Windows\system32\nb-NO
2010-10-21 22:24:21 ----D---- C:\Windows\system32\lt-LT
2010-10-21 22:24:21 ----D---- C:\Windows\system32\ar-SA
2010-10-21 22:24:18 ----D---- C:\Windows\system32\pt-BR
2010-10-21 22:24:18 ----D---- C:\Windows\system32\migwiz
2010-10-21 22:21:37 ----RSD---- C:\Windows\Fonts
2010-10-21 22:20:58 ----D---- C:\Windows\system32\Boot
2010-10-21 22:19:23 ----D---- C:\Windows\system32\drivers\UMDF
2010-10-21 22:19:04 ----D---- C:\Windows\system32\RTCOM
2010-10-21 21:39:27 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2010-10-21 17:43:13 ----D---- C:\Windows\ERDNT
2010-10-21 09:17:05 ----SHD---- C:\Windows\Installer
2010-10-21 09:15:42 ----A---- C:\Windows\system32\deployJava1.dll
2010-10-21 09:15:37 ----D---- C:\Program Files\Java
2010-10-20 22:08:41 ----D---- C:\Program Files\Common Files\Java
2010-10-20 22:06:46 ----RD---- C:\Program Files
2010-10-19 11:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-15 23:12:48 ----SD---- C:\Users\dawn\AppData\Roaming\Microsoft
2010-10-15 17:40:48 ----D---- C:\ProgramData\Adobe
2010-10-15 15:48:33 ----D---- C:\Windows\system32\WDI
2010-10-15 12:35:26 ----A---- C:\Windows\system32\mrt.exe
2010-10-12 12:03:20 ----D---- C:\ProgramData
2010-10-12 11:58:17 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-09 19:07:06 ----D---- C:\Program Files\Trend Micro
2010-10-09 18:33:09 ----D---- C:\Program Files\Microsoft Office
2010-10-09 18:30:38 ----D---- C:\ProgramData\YAHOO
2010-10-09 18:29:53 ----D---- C:\Program Files\Common Files\SureThing Shared
2010-10-06 23:29:07 ----D---- C:\MGADiagToolOutput
2010-10-06 14:55:50 ----D---- C:\Program Files\MUSHclient
2010-09-28 16:52:28 ----SD---- C:\ProgramData\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-03-23 101160]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-03-07 43528]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 dsunidrv;DellSupport UniDriver; C:\Windows\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2006-10-18 258048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-15 1744928]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-15 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-14 9557216]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 catchme;catchme; \??\C:\Users\dawn\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [2006-10-05 4736]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-03-23 129832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-11-28 583048]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-08-03 1862144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
And here is the info.txt from RSIT:
info.txt logfile of random's system information tool 1.08 2010-10-22 13:02:43
======Uninstall list======
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.4.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Canon MP Navigator 2.0-->"C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini
Canon MP500-->"C:\Windows\system32\CanonIJ Uninstaller Information\{BA4DF4C3-196E-4128-969A-00996B5A46F8}\DelDrv.exe" /U:{BA4DF4C3-196E-4128-969A-00996B5A46F8} /L0x0009
Conexant D850 PCI V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -IDel200fz.inf
Dell DataSafe Online-->MsiExec.exe /I{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}
Dell Support Center-->MsiExec.exe /I{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}
Dell System Customization Wizard-->MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
EarthLink Setup Files-->MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Games, Music, & Photos Launcher-->MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Heroes of Might and Magic® III Complete-->C:\Windows\IsUninst.exe -f"C:\Program Files\3DO\Heroes 3 Complete\Heroes of Might and Magic® III.isu" -c"C:\Program Files\Common Files\3DO Shared\3DOUnInst.dll
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Internet Service Offers Launcher-->MsiExec.exe /I{CCFF1E13-77A2-4032-8B12-7566982A27DF}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
jZip-->C:\PROGRA~1\jZip\UNWISE.EXE /U C:\PROGRA~1\jZip\INSTALL.LOG
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Default Manager-->MsiExec.exe /X{61BEA823-ECAF-49F1-8378-A59B3B8AD247}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785}
Microsoft UI Engine-->MsiExec.exe /I{2656D0AB-9EA4-4C58-A117-635F3CED8B93}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Modem Diagnostic Tool-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Mozilla Firefox (3.6.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar Platform-->MsiExec.exe /I{66468F4D-BC4E-470C-9093-B3B6A1BB378C}
MSN Toolbar-->C:\Program Files\MSN Toolbar Installer\InstallManager.exe /UNINSTALL
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MUSHclient (remove only)-->C:\Program Files\MUSHclient\Laterversion\uninstall.exe
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIANetworkDiagnostic-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EFAD4066-CAF3-4B27-9669-12EED352C376}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall
Product Documentation Launcher-->MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
======Security center information======
AS: Windows Defender
======System event log======
Computer Name: dawn-PC
Event Code: 4374
Message: Windows Servicing identified that package KB980248(Update) is not applicable for this system
Record Number: 240868
Source Name: Microsoft-Windows-Servicing
Time Written: 20100427204107.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: dawn-PC
Event Code: 7000
Message: The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 240773
Source Name: Service Control Manager
Time Written: 20100427153050.000000-000
Event Type: Error
User:
Computer Name: dawn-PC
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 240739
Source Name: Microsoft-Windows-Time-Service
Time Written: 20100427152951.000000-000
Event Type: Warning
User:
Computer Name: dawn-PC
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 240738
Source Name: Microsoft-Windows-Time-Service
Time Written: 20100427152939.000000-000
Event Type: Warning
User:
Computer Name: dawn-PC
Event Code: 15016
Message: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Record Number: 240737
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20100427152917.114531-000
Event Type: Error
User:
=====Application event log=====
Computer Name: dawn-PC
Event Code: 5007
Message: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.
Record Number: 50125
Source Name: WerSvc
Time Written: 20081010135820.000000-000
Event Type: Error
User:
Computer Name: dawn-PC
Event Code: 1
Message: The application (Acrobat Reader 7.*, from vendor Adobe) has the following problem: Acrobat Reader 7.* has a known compatibility issue with this version of Windows. For an update that is compatible with this version of Windows, contact Adobe.
Record Number: 50068
Source Name: Microsoft-Windows-ApplicationExperienceInfrastructure
Time Written: 20081010050751.204600-000
Event Type: Warning
User: dawn-PC\dawn
Computer Name: dawn-PC
Event Code: 507
Message: msnmsgr (2740) \\.\C:\Users\dawn\AppData\Local\Microsoft\Messenger\dawneschenauer@hotmail.com\SharingMetadata\Working\database_2FC_7930_FC79_1EDB\dfsr.db: A request to read from the file "\\.\C:\Users\dawn\AppData\Local\Microsoft\Messenger\dawneschenauer@hotmail.com\SharingMetadata\Working\database_2FC_7930_FC79_1EDB\dfsr.db" at offset 319488 (0x000000000004e000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (921 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Record Number: 50053
Source Name: ESENT
Time Written: 20081010021755.000000-000
Event Type: Warning
User:
Computer Name: dawn-PC
Event Code: 5007
Message: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.
Record Number: 49995
Source Name: WerSvc
Time Written: 20081009155512.000000-000
Event Type: Error
User:
Computer Name: dawn-PC
Event Code: 5007
Message: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.
Record Number: 49879
Source Name: WerSvc
Time Written: 20081008154040.000000-000
Event Type: Error
User:
=====Security event log=====
Computer Name: dawn-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: DAWN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x24c
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 46643
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090708152307.677303-000
Event Type: Audit Success
User:
Computer Name: dawn-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 46642
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090708152307.568103-000
Event Type: Audit Success
User:
Computer Name: dawn-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: DAWN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x24c
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 46641
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090708152307.568103-000
Event Type: Audit Success
User:
Computer Name: dawn-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: DAWN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x24c
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 46640
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090708152307.568103-000
Event Type: Audit Success
User:
Computer Name: dawn-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-20
Account Name: NETWORK SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e4
Privileges: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 46639
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090708152307.474502-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\jZip
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4f02
"NUMBER_OF_PROCESSORS"=1
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
-----------------EOF-----------------