CATIA V5R19 Installation Problems

moravan

I study at TU Delft and need the drawing program CATIA V5R19 for a course. For a number of weeks now I have had problems installing CATIA. I will briefly explain what exactly is going on: about two months ago I closed the installation while it was not yet fully completed; I suspected that the installation had frozen, but later I heard that it simply takes a very long time. When I then wanted to install the program again, the installer saw that it was already (partially) installed; it then asks whether I want to uninstall the old program. When I clicked 'yes', I got the following error message: 'This action is only valid for programs that are currently installed.' So the problem now is that I cannot get rid of the old, partially installed program. I have already taken the usual steps, but the program is missing from my Control Panel, and restoring my laptop to a point before the first installation is no longer possible.

Next I went to the TU service desk, where I was told that I had to remove all CATIA (and publisher Dassault) files from the registry via 'regedit'. At first this seemed to help, because the installation now simply completed, but when I open the program, I briefly see a small black window and then nothing happens. Incidentally, the program is then still not in the Control Panel. After that I decided to reset my laptop to factory settings, but at a certain point I needed a Windows 7 CD, and because I don't have one (Windows was already pre-installed when I bought the laptop), I can't solve the problem this way either.

I now feel I have tried just about everything, so suggestions are very welcome.

(I have an HP EliteBook 8540w, with Windows 7.)
 
Hi moravan, welcome to this fine forum.

Having read your text, the question that arises for me is: is Windows 7 installed or not?
Because it is strange that a recovery asks for an installation CD!
 
You apparently forgot to create a system repair disc, even though this is recommended the first time you use Windows...

Download the recovery disc and burn yourself a recovery disc!!

http://neosmart.net/blog/2009/windows-7-system-repair-discs/

If you don't have a torrent downloader yet, use this one: http://qbittorrent.sourceforge.net/
With these recovery CDs a reinstall of Windows is not possible, but you can use them to repair the system via the options below.
1. Startup Repair
This attempts to repair Windows automatically.
2. System Restore
This lets you restore previously created system restore points.
3. System Image Recovery
This lets you restore the system from a previously created image of the system.
4. Windows Memory Diagnostic
This checks the computer for hardware and memory problems (errors).
5. Command Prompt
Via the Command Prompt you can try to repair the system using commands.

Setting the BIOS to boot from the recovery CD (Win7).
If the PC does not boot from the Windows 7 recovery CD, restart the computer.
When the computer starts, immediately press the key needed to enter the BIOS setup program. Usually this is F2, F10, F12 or the DEL key. On some computers it may be a different key, but then you will see it shown on the startup screen when you start the computer.

In the BIOS you can navigate with the Tab key and the arrow keys. Use the Enter key to confirm changes.
Find where you can change the boot order. This is labelled Boot, Boot Order, Boot options or Boot Sequence.
Make sure the CD/DVD drive is set first (first boot device).

When this is done, go to the Exit menu and choose Exit and save changes.
The computer should now be able to boot from the recovery CD.
Booting from the recovery CD (Win7).
Insert the Win7 recovery CD in the CD/DVD drive.
When asked to start the computer from the DVD, press a key, e.g. the space bar.

Once the computer has booted from the "recovery" CD you will see the message below.
"System recovery options": click "next" here.
The system is now scanned for Windows installations present.
When this is finished you will see a window with the Windows installations found.
Choose the correct "operating system" you want to repair here and click "next".
Startup Repair
System Restore
System Image Recovery
Windows Memory Diagnostic
Command Prompt

Using the command prompt
For more information on using commands via the "Command Prompt" you can ask on the forum.
An overview of the commands used is described here.

Below are only the commands used for repairing the "Master Boot Record"; these are the same for Windows Vista and 7.

Enter the commands shown in bold below at the Command Prompt.
bootrec.exe /fixmbr
bootrec.exe /fixboot
(Note!!! Mind the space after bootrec.exe and the / 'slash')
 
Yes, I simply have Windows 7 on my laptop. When I decided to reset my laptop to factory settings, at a certain point it asked me to insert the Windows 7 CD... and I don't have one, because Windows 7 was already on it when I bought the laptop.

I did that reset via: Control Panel - Recovery - Advanced Recovery Methods - Return Your Computer To Factory Condition...
 
Do the following:

Which program: RSIT
What for/why: gives a very extensive overview of Windows
Difficulty: none
Download location: Be sure to download this program to the desktop!
Download RSIT here

Using RSIT:
  • Windows 2000 and Windows XP: start RSIT by double-clicking the shortcut.
  • Windows Vista and Windows 7: start RSIT by right-clicking the shortcut and then choosing "Run as administrator".

After the scan has finished, two logs will open.
  • Then post the contents of 'log.txt' via DDRMMR's color coder ('log.txt' will be maximized)
  • Also post 'info.txt' ('info.txt' does not need to go through DDRMMR's color coder and will initially be minimized in the taskbar)
  • If you can't find info.txt, look for it in C:\.

For users of Windows Vista 64-bit or Windows 7 64-bit the following also applies:
  • RSIT must then be run in 'compatibility mode'.
  • Right-click 'RSIT.exe' and choose 'Properties',
  • now click the 'Compatibility' tab.
  • Tick 'Run this program in compatibility mode' and then choose 'Windows XP Service Pack 3'

RSIT produces a fairly large log, so you may have to split the log and post it in two or more parts.

Go to DDRMMR's color coder
 
[hjt]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Radz at 2011-02-21 13:52:59
Microsoft Windows 7 Home Premium Service Pack 3
System drive C: has 198 GB (69%) free of 288 GB
Total RAM: 4025 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:53:01, on 21-2-2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

[hkey_local_machine\system\currentcontrolset\control\safeboot\network\bowser]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\dfsc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\dot3svc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\eaphost]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\efs]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\ikeext]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\keyiso]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mcmpfsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mcmscsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mcods]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfefire]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfefirek]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfefirek.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfehidk]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfehidk.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mfevtp]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mpsdrv]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mpssvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mrxsmb]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mrxsmb10]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\mrxsmb20]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\nativewifip]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\ndiscap]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\netprofm]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\nlasvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\nsi]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\nsiproxy.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\ntds]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\policyagent]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\power]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\profsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\rdbss]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\rdpencdd.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\rpceptmapper]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\sacsvr]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\scardsvr]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\swprv]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\tabletinputservice]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\tbs]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\trustedinstaller]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\vaultsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\vds]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\vmms]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\volmgr.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\volmgrx.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wdf01000.sys]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\windefend]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wlansvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfpf]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfrd]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfsvc]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\wudfusbcciddriver]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\{50dd5230-ba8a-11d1-bf5d-0000f805f530}]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\{533c5b84-ec70-11d2-9505-00c04f79deaf}]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\{6bdd1fc1-810f-11d0-bec7-08002be2092f}]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\{d48179be-ec20-11d1-b6b8-00c04fa372a7}]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}]
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"=5
"consentpromptbehavioruser"=3
"enableuiadesktoptoggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"softwaresasgeneration"=3
[hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer]
"noactivedesktop"=1
"noactivedesktopchanges"=1
"forceactivedesktopon"=0
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
======file associations======
.js - edit - c:\windows\system32\notepad.exe %1
.js - open - c:\windows\system32\wscript.exe "%1" %*
======list of files/folders created in the last 3 months======
2011-02-21 13:45:45 ----d---- c:\rsit
2011-02-21 13:45:45 ----d---- c:\program files (x86)\trend micro
2011-02-20 16:03:19 ----d---- c:\users\radz\appdata\roaming\ibm
2011-02-20 16:03:19 ----d---- c:\programdata\ibm
2011-02-20 16:03:18 ----d---- c:\users\radz\appdata\roaming\dassaultsystemes
2011-02-20 16:03:18 ----d---- c:\programdata\dassaultsystemes
2011-02-17 15:05:04 ----d---- c:\program files (x86)\cisco systems
2011-02-16 16:45:13 ----d---- c:\users\radz\appdata\roaming\google
2011-02-16 15:58:30 ----d---- c:\programdata\google
2011-02-16 15:58:30 ----d---- c:\program files (x86)\google
2011-02-16 15:09:40 ----d---- c:\program files (x86)\rcrawler
2011-02-14 19:54:13 ----a---- c:\windows\syswow64\mshtml.dll
2011-02-14 19:54:10 ----a---- c:\windows\syswow64\mstime.dll
2011-02-14 19:54:10 ----a---- c:\windows\syswow64\msfeeds.dll
2011-02-14 19:54:10 ----a---- c:\windows\syswow64\iertutil.dll
2011-02-14 19:54:10 ----a---- c:\windows\syswow64\iedkcs32.dll
2011-02-14 19:54:09 ----a---- c:\windows\syswow64\mshtmled.dll
2011-02-14 19:54:09 ----a---- c:\windows\syswow64\msfeedssync.exe
2011-02-14 19:54:09 ----a---- c:\windows\syswow64\msfeedsbs.dll
2011-02-14 19:54:09 ----a---- c:\windows\syswow64\licmgr10.dll
2011-02-14 19:54:09 ----a---- c:\windows\syswow64\iepeers.dll
2011-02-14 19:54:05 ----a---- c:\windows\syswow64\kerberos.dll
2011-02-14 19:53:55 ----a---- c:\windows\syswow64\upnp.dll
2011-02-14 19:53:54 ----a---- c:\windows\syswow64\wininet.dll
2011-02-14 19:53:54 ----a---- c:\windows\syswow64\urlmon.dll
2011-02-14 19:53:54 ----a---- c:\windows\syswow64\msxml6.dll
2011-02-14 19:53:54 ----a---- c:\windows\syswow64\msxml3.dll
2011-02-14 19:53:54 ----a---- c:\windows\syswow64\ieframe.dll
2011-02-14 19:53:53 ----a---- c:\windows\syswow64\wscapi.dll
2011-02-14 19:53:53 ----a---- c:\windows\syswow64\winhttp.dll
2011-02-14 19:53:53 ----a---- c:\windows\syswow64\webclnt.dll
2011-02-14 19:53:53 ----a---- c:\windows\syswow64\slwga.dll
2011-02-14 19:53:53 ----a---- c:\windows\syswow64\davclnt.dll
2011-02-14 19:53:50 ----a---- c:\windows\syswow64\vbscript.dll
2011-02-14 19:53:50 ----a---- c:\windows\syswow64\jscript.dll
2011-02-14 19:53:47 ----a---- c:\windows\syswow64\ntoskrnl.exe
2011-02-14 19:53:47 ----a---- c:\windows\syswow64\ntkrnlpa.exe
2011-02-14 19:53:47 ----a---- c:\windows\syswow64\ntdll.dll
2011-02-14 19:52:32 ----a---- c:\windows\syswow64\atmlib.dll
2011-02-14 19:52:32 ----a---- c:\windows\syswow64\atmfd.dll
2011-02-06 13:29:52 ----shd---- c:\config.msi
2011-02-05 00:03:48 ----a---- c:\windows\syswow64\odbc32.dll
2011-01-27 19:27:52 ----d---- c:\users\radz\appdata\roaming\vlc
2011-01-27 19:27:37 ----d---- c:\program files (x86)\videolan
2011-01-12 10:16:00 ----a---- c:\windows\syswow64\dwrite.dll
2011-01-12 10:16:00 ----a---- c:\windows\syswow64\d3d10warp.dll
2011-01-12 10:16:00 ----a---- c:\windows\syswow64\d2d1.dll
2011-01-12 10:15:59 ----a---- c:\windows\syswow64\xpsrasterservice.dll
2011-01-12 10:15:59 ----a---- c:\windows\syswow64\xpsprint.dll
2011-01-12 10:15:59 ----a---- c:\windows\syswow64\xpsgdiconverter.dll
2011-01-12 10:15:59 ----a---- c:\windows\syswow64\explorerframe.dll
2011-01-12 10:15:59 ----a---- c:\windows\syswow64\d3d10_1core.dll
2011-01-12 10:15:58 ----a---- c:\windows\syswow64\d3d10_1.dll
2011-01-04 11:15:51 ----d---- c:\program files (x86)\itunes
2011-01-04 11:12:54 ----d---- c:\program files (x86)\quicktime
2011-01-03 13:52:33 ----a---- c:\windows\syswow64\javaws.exe
2011-01-03 13:52:33 ----a---- c:\windows\syswow64\javaw.exe
2011-01-03 13:52:33 ----a---- c:\windows\syswow64\java.exe
2010-12-31 16:54:13 ----d---- c:\users\radz\appdata\roaming\filezilla
2010-12-31 16:54:08 ----d---- c:\program files (x86)\filezilla ftp client
2010-12-29 12:41:19 ----d---- c:\program files (x86)\conduit
2010-12-29 12:41:17 ----d---- c:\program files (x86)\conduitengine
2010-12-29 12:41:16 ----d---- c:\program files (x86)\utorrentbar_nl
2010-12-28 13:04:20 ----d---- c:\program files (x86)\autocompletepro
2010-12-28 13:03:04 ----d---- c:\program files (x86)\mkv player
2010-12-22 12:12:38 ----d---- c:\users\radz\appdata\roaming\teamviewer
2010-12-18 17:15:50 ----d---- c:\program files (x86)\dassault systemes
2010-12-18 17:14:52 ----d---- c:\logfiles
2010-12-18 16:23:11 ----d---- c:\program files (x86)\ea games
2010-12-16 19:13:28 ----d---- c:\programdata\{23d58e70-3b83-4b83-a227-68770f84f5ec}
2010-12-15 15:42:17 ----a---- c:\windows\syswow64\tzres.dll
2010-12-15 15:42:00 ----a---- c:\windows\syswow64\taskschd.dll
2010-12-15 15:42:00 ----a---- c:\windows\syswow64\taskeng.exe
2010-12-15 15:42:00 ----a---- c:\windows\syswow64\taskcomp.dll
2010-12-15 15:42:00 ----a---- c:\windows\syswow64\schtasks.exe
2010-12-15 15:41:55 ----a---- c:\windows\syswow64\webio.dll
2010-12-15 15:41:45 ----a---- c:\windows\syswow64\jsproxy.dll
2010-12-15 15:41:45 ----a---- c:\windows\syswow64\ieui.dll
2010-12-11 14:29:16 ----d---- c:\program files (x86)\directvobsub
2010-12-03 19:36:02 ----d---- c:\program files (x86)\abn amro e.dentifier2
======list of files/folders modified in the last 3 months======
2011-02-21 13:52:59 ----d---- c:\windows\temp
2011-02-21 13:51:57 ----d---- c:\windows\prefetch
2011-02-21 13:45:45 ----rd---- c:\program files (x86)
2011-02-21 09:42:53 ----a---- c:\windows\syswow64\log.txt
2011-02-20 19:56:15 ----d---- c:\windows\system32
2011-02-20 19:56:15 ----d---- c:\windows\inf
2011-02-20 16:16:58 ----d---- c:\users\radz\appdata\roaming\utorrent
2011-02-20 16:03:31 ----shd---- c:\windows\installer
2011-02-20 16:03:19 ----hd---- c:\programdata
2011-02-20 16:03:10 ----shd---- c:\system volume information
2011-02-17 15:46:01 ----d---- c:\program files (x86)\microsoft silverlight
2011-02-17 15:06:07 ----d---- c:\windows
2011-02-16 16:44:15 ----d---- c:\windows\syswow64
2011-02-16 16:44:11 ----rd---- c:\program files
2011-02-16 15:59:24 ----d---- c:\windows\tasks
2011-02-15 13:34:33 ----d---- c:\windows\winsxs
2011-02-15 13:32:42 ----d---- c:\program files (x86)\internet explorer
2011-02-15 13:29:54 ----d---- c:\programdata\microsoft help
2011-02-14 20:14:12 ----d---- c:\program files (x86)\mcafee
2011-02-14 19:46:02 ----d---- c:\windows\appcompat
2011-02-14 19:45:53 ----d---- c:\windows\registration
2011-02-06 13:32:04 ----d---- c:\program files (x86)\common files\apple
2011-02-05 11:46:19 ----d---- c:\swsetup
2011-02-04 23:59:36 ----d---- c:\program files (x86)\common files\mcafee
2011-02-04 23:58:10 ----rhd---- c:\msocache
2011-01-08 11:21:25 ----sd---- c:\users\radz\appdata\roaming\microsoft
2011-01-03 13:52:29 ----d---- c:\program files (x86)\java
2010-12-23 20:08:23 ----d---- c:\windows\minidump
2010-12-23 14:44:15 ----d---- c:\users\radz\appdata\roaming\hpqlog
2010-12-18 17:29:34 ----d---- c:\program files (x86)\microsoft office
2010-12-18 17:29:34 ----d---- c:\program files (x86)\common files\designer
2010-12-18 16:42:19 ----d---- c:\windows\downloaded program files
2010-12-18 16:13:04 ----d---- c:\windows\rescache
2010-12-17 13:53:24 ----d---- c:\programdata\hewlett-packard
2010-12-17 10:01:07 ----d---- c:\windows\help
2010-12-16 19:15:21 ----hd---- c:\program files (x86)\installshield installation information
2010-12-16 19:15:11 ----rsd---- c:\windows\assembly
2010-12-16 19:14:45 ----d---- c:\program files (x86)\hewlett-packard
2010-12-15 20:18:32 ----d---- c:\program files (x86)\mozilla firefox
2010-12-15 20:16:53 ----d---- c:\windows\syswow64\en-us
2010-12-15 20:16:51 ----d---- c:\program files (x86)\windows mail
2010-12-15 20:16:50 ----d---- c:\windows\syswow64\migration
2010-12-05 22:16:31 ----d---- c:\programdata\nvidia
2010-12-05 22:12:52 ----d---- c:\programdata\nvidia corporation
======list of drivers (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r0 adp94xx;adp94xx; c:\windows\system32\drivers\adp94xx.sys []
r0 adpahci;adpahci; c:\windows\system32\drivers\adpahci.sys []
r0 adpu320;adpu320; c:\windows\system32\drivers\adpu320.sys []
r0 amdide;amdide; c:\windows\system32\drivers\amdide.sys []
r0 amdsata;amdsata; c:\windows\system32\drivers\amdsata.sys []
r0 amdsbs;amdsbs; c:\windows\system32\drivers\amdsbs.sys []
r0 amdxata;amdxata; c:\windows\system32\drivers\amdxata.sys []
r0 arc;arc; c:\windows\system32\drivers\arc.sys []
r0 arcsas;adaptec sas/sata-ii raid windows inbox miniport driver; c:\windows\system32\drivers\arcsas.sys []
r0 clfs;@%systemroot%\system32\clfs.sys,-100; c:\windows\system32\clfs.sys []
r0 cng;cng; c:\windows\system32\drivers\cng.sys []
r0 elxstor;elxstor; c:\windows\system32\drivers\elxstor.sys []
r0 fileinfo;@%systemroot%\system32\drivers\fileinfo.sys,-100; c:\windows\system32\drivers\fileinfo.sys []
r0 fvevol;@%systemroot%\system32\drivers\fvevol.sys,-100; c:\windows\system32\drivers\fvevol.sys []
r0 hpdskflt;hp filter; c:\windows\system32\drivers\hpdskflt.sys []
r0 hpsamd;hpsamd; c:\windows\system32\drivers\hpsamd.sys []
r0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; c:\windows\system32\drivers\hwpolicy.sys []
r0 iastor;intel ahci controller; c:\windows\system32\drivers\iastor.sys []
r0 iastorv;intel raid controller windows 7; c:\windows\system32\drivers\iastorv.sys []
r0 iirsp;iirsp; c:\windows\system32\drivers\iirsp.sys []
r0 ksecpkg;ksecpkg; c:\windows\system32\drivers\ksecpkg.sys []
r0 lsi_fc;lsi_fc; c:\windows\system32\drivers\lsi_fc.sys []
r0 lsi_sas;lsi_sas; c:\windows\system32\drivers\lsi_sas.sys []
r0 lsi_sas2;lsi_sas2; c:\windows\system32\drivers\lsi_sas2.sys []
r0 lsi_scsi;lsi_scsi; c:\windows\system32\drivers\lsi_scsi.sys []
r0 megasas;megasas; c:\windows\system32\drivers\megasas.sys []
r0 megasr;megasr; c:\windows\system32\drivers\megasr.sys []
r0 mfehidk;mcafee inc. mfehidk; c:\windows\system32\drivers\mfehidk.sys []
r0 mfewfpk;mcafee inc. mfewfpk; c:\windows\system32\drivers\mfewfpk.sys []
r0 mpio;microsoft multi-path bus driver; c:\windows\system32\drivers\mpio.sys []
r0 msahci;msahci; c:\windows\system32\drivers\msahci.sys []
r0 msdsm;microsoft multi-path device specific module; c:\windows\system32\drivers\msdsm.sys []
r0 msisadrv;msisadrv; c:\windows\system32\drivers\msisadrv.sys []
r0 nfrd960;nfrd960; c:\windows\system32\drivers\nfrd960.sys []
r0 nvraid;nvraid; c:\windows\system32\drivers\nvraid.sys []
r0 nvstor;nvstor; c:\windows\system32\drivers\nvstor.sys []
r0 pcw;performance counters for windows driver; c:\windows\system32\drivers\pcw.sys []
r0 ql2300;qlogic fibre channel miniport driver; c:\windows\system32\drivers\ql2300.sys []
r0 ql40xx;qlogic iscsi miniport driver; c:\windows\system32\drivers\ql40xx.sys []
r0 rdyboost;readyboost; c:\windows\system32\drivers\rdyboost.sys []
r0 sbp2port;sbp-2 transport/protocol bus driver; c:\windows\system32\drivers\sbp2port.sys []
r0 sisraid2;sisraid2; c:\windows\system32\drivers\sisraid2.sys []
r0 sisraid4;sisraid4; c:\windows\system32\drivers\sisraid4.sys []
r0 spldr;security processor loader driver; c:\windows\syswow64\drivers\spldr.sys []
r0 stexstor;stexstor; c:\windows\system32\drivers\stexstor.sys []
r0 vdrvroot;microsoft virtual drive enumerator driver; c:\windows\system32\drivers\vdrvroot.sys []
r0 volmgr;volume manager driver; c:\windows\system32\drivers\volmgr.sys []
r0 volmgrx;@%systemroot%\system32\drivers\volmgrx.sys,-100; c:\windows\system32\drivers\volmgrx.sys []
r0 vsmraid;vsmraid; c:\windows\system32\drivers\vsmraid.sys []
r0 wd;microsoft watchdog timer driver; c:\windows\system32\drivers\wd.sys []
r0 wdf01000;kernel mode driver frameworks service; c:\windows\system32\drivers\wdf01000.sys []
r1 blbdrive;blbdrive; c:\windows\system32\drivers\blbdrive.sys []
r1 dfsc;@%systemroot%\system32\drivers\dfsc.sys,-101; c:\windows\system32\drivers\dfsc.sys []
r1 discache;@%systemroot%\system32\drivers\discache.sys,-102; c:\windows\system32\drivers\discache.sys []
r1 mfenlfk;mcafee ndis light filter; c:\windows\system32\drivers\mfenlfk.sys []
r1 nsiproxy;@%systemroot%\system32\drivers\nsiproxy.sys,-2; c:\windows\system32\drivers\nsiproxy.sys []
r1 rdpencdd;@%systemroot%\system32\drivers\rdpencdd.sys,-101; c:\windows\system32\drivers\rdpencdd.sys []
r1 rdprefmp;@%systemroot%\system32\drivers\rdprefmp.sys,-101; c:\windows\system32\drivers\rdprefmp.sys []
r1 tdx;@%systemroot%\system32\tcpipcfg.dll,-50004; c:\windows\system32\drivers\tdx.sys []
r1 vwififlt;virtual wifi filter driver; c:\windows\system32\drivers\vwififlt.sys []
r1 wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; c:\windows\system32\drivers\wanarp.sys []
r1 wfplwf;wfp lightweight filter; c:\windows\system32\drivers\wfplwf.sys []
r2 lltdio;link-layer topology discovery mapper i/o driver; c:\windows\system32\drivers\lltdio.sys []
r2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; c:\windows\system32\drivers\luafv.sys []
r2 peauth;peauth; c:\windows\system32\drivers\peauth.sys []
r2 rimmptsk;rimmptsk; c:\windows\system32\drivers\rimmpx64.sys []
r2 rimsptsk;rimsptsk; c:\windows\system32\drivers\rimspx64.sys []
r2 rismxdp;ricoh xd-picture card driver; c:\windows\system32\drivers\rixdpx64.sys []
r2 rspndr;link-layer topology discovery responder; c:\windows\system32\drivers\rspndr.sys []
r2 tcpipreg;tcp/ip registry compatibility; c:\windows\system32\drivers\tcpipreg.sys []
r3 1394ohci;1394 ohci compliant host controller; c:\windows\system32\drivers\1394ohci.sys []
r3 accelerometer;hp mobile data protection sensor; c:\windows\system32\drivers\accelerometer.sys []
r3 bowser;@%systemroot%\system32\browser.dll,-102; c:\windows\system32\drivers\bowser.sys []
r3 bthenum;bluetooth request block driver; c:\windows\system32\drivers\bthenum.sys []
r3 bthpan;bluetooth device (personal area network); c:\windows\system32\drivers\bthpan.sys []
r3 bthusb;bluetooth radio usb driver; c:\windows\system32\drivers\bthusb.sys []
r3 btusbflt;bluetooth usb filter; c:\windows\system32\drivers\btusbflt.sys []
r3 cfwids;mcafee inc. cfwids; c:\windows\system32\drivers\cfwids.sys []
r3 compositebus;composite bus enumerator driver; c:\windows\system32\drivers\compositebus.sys []
r3 cvpndrva;cisco systems inc. ipsec driver; \??\c:\windows\system32\drivers\cvpndrva.sys []
r3 dne;deterministic network enhancer miniport; c:\windows\system32\drivers\dne64x.sys []
r3 dxgkrnl;lddm graphics subsystem; c:\windows\system32\drivers\dxgkrnl.sys []
r3 e1kexpress;intel(r) pro/1000 pci express network connection driver k; c:\windows\system32\drivers\e1k62x64.sys []
r3 gearaspiwdm;gear aspi filter driver; c:\windows\system32\drivers\gearaspiwdm.sys [2010-08-30 15664]
r3 hdaudbus;microsoft uaa bus driver for high definition audio; c:\windows\system32\drivers\hdaudbus.sys []
r3 hecix64;intel(r) management engine interface; c:\windows\system32\drivers\hecix64.sys []
r3 hpqkbfiltr;hpqkbfilter driver; c:\windows\system32\drivers\hpqkbfiltr.sys []
r3 intelppm;intel processor driver; c:\windows\system32\drivers\intelppm.sys []
r3 ksthunk;kernel streaming thunks; c:\windows\system32\drivers\ksthunk.sys []
r3 mfeapfk;mcafee inc. mfeapfk; c:\windows\system32\drivers\mfeapfk.sys []
r3 mfeavfk;mcafee inc. mfeavfk; c:\windows\system32\drivers\mfeavfk.sys []
r3 mfefirek;mcafee inc. mfefirek; c:\windows\system32\drivers\mfefirek.sys []
r3 monitor;microsoft monitor class function driver service; c:\windows\system32\drivers\monitor.sys []
r3 mpsdrv;@%systemroot%\system32\firewallapi.dll,-23092; c:\windows\system32\drivers\mpsdrv.sys []
r3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; c:\windows\system32\drivers\mrxsmb10.sys []
r3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; c:\windows\system32\drivers\mrxsmb20.sys []
r3 nativewifip;nativewifi filter; c:\windows\system32\drivers\nwifi.sys []
r3 netwns64;___ intel(r) wireless wifi link 5000 series adapter driver for windows 7 - 64 bit; c:\windows\system32\drivers\netwns64.sys []
r3 nusb3hub;nec electronics usb 3.0 hub driver; c:\windows\system32\drivers\nusb3hub.sys []
r3 nusb3xhc;nec electronics usb 3.0 host controller driver; c:\windows\system32\drivers\nusb3xhc.sys []
r3 nvhda;service for nvidia high definition audio driver; c:\windows\system32\drivers\nvhda64v.sys []
r3 nvlddmkm;nvlddmkm; c:\windows\system32\drivers\nvlddmkm.sys []
r3 rasagilevpn;wan miniport (ikev2); c:\windows\system32\drivers\agilevpn.sys []
r3 rassstp;@%systemroot%\system32\sstpsvc.dll,-202; c:\windows\system32\drivers\rassstp.sys []
r3 rfcomm;bluetooth device (rfcomm protocol tdi); c:\windows\system32\drivers\rfcomm.sys []
r3 rismcx64;ricoh smart card reader; c:\windows\system32\drivers\rismcx64.sys []
r3 scfilter;@%systemroot%\system32\drivers\scfilter.sys,-11; c:\windows\system32\drivers\scfilter.sys []
r3 sdbus;sdbus; c:\windows\system32\drivers\sdbus.sys []
r3 srv2;@%systemroot%\system32\srvsvc.dll,-104; c:\windows\system32\drivers\srv2.sys []
r3 srvnet;srvnet; c:\windows\system32\drivers\srvnet.sys []
r3 sthda;idt high definition audio codec; c:\windows\system32\drivers\stwrt64.sys []
r3 syntp;synaptics touchpad driver; c:\windows\system32\drivers\syntp.sys []
r3 tpm;tpm; c:\windows\system32\drivers\tpm.sys []
r3 tunnel;microsoft tunnel miniport adapter driver; c:\windows\system32\drivers\tunnel.sys []
r3 umbus;umbus enumerator driver; c:\windows\system32\drivers\umbus.sys []
r3 vwifibus;virtual wifi bus driver; c:\windows\system32\drivers\vwifibus.sys []
r3 vwifimp;microsoft virtual wifi miniport service; c:\windows\system32\drivers\vwifimp.sys []
r3 winusb;winusb service; c:\windows\system32\drivers\winusb.sys []
r3 wmiacpi;microsoft windows management interface for acpi; c:\windows\system32\drivers\wmiacpi.sys []
r3 wudfpf;user mode driver frameworks platform driver; c:\windows\system32\drivers\wudfpf.sys []
s2 rimspci;rimspci; c:\windows\system32\drivers\rimspe64.sys []
s2 risdpcie;risdpcie; c:\windows\system32\drivers\risdpe64.sys []
s2 rixdpcie;rixdpcie; c:\windows\system32\drivers\rixdpe64.sys []
s3 acpipmi;acpi power meter driver; c:\windows\system32\drivers\acpipmi.sys []
s3 ageresoftmodem;agere systems soft modem; c:\windows\system32\drivers\agrsm64.sys []
s3 agp440;intel agp bus filter; c:\windows\system32\drivers\agp440.sys []
s3 amdk8;amd k8 processor driver; c:\windows\system32\drivers\amdk8.sys []
s3 amdppm;amd processor driver; c:\windows\system32\drivers\amdppm.sys []
s3 appid;@%systemroot%\system32\appidsvc.dll,-102; c:\windows\system32\drivers\appid.sys []
s3 b06bdrv;broadcom netxtreme ii vbd; c:\windows\system32\drivers\bxvbda.sys []
s3 b57nd60a;broadcom netxtreme gigabit ethernet - ndis 6.0; c:\windows\system32\drivers\b57nd60a.sys []
s3 brfiltlo;brother usb mass-storage lower filter driver; c:\windows\system32\drivers\brfiltlo.sys []
s3 brfiltup;brother usb mass-storage upper filter driver; c:\windows\system32\drivers\brfiltup.sys []
s3 brserid;brother mfc serial port interface driver (wdm); c:\windows\system32\drivers\brserid.sys []
s3 brserwdm;brother wdm serial driver; c:\windows\system32\drivers\brserwdm.sys []
s3 brusbmdm;brother mfc usb fax only modem; c:\windows\system32\drivers\brusbmdm.sys []
s3 brusbser;brother mfc usb serial wdm driver; c:\windows\system32\drivers\brusbser.sys []
s3 bthmodem;bluetooth serial communications driver; c:\windows\system32\drivers\bthmodem.sys []
s3 bthport;bluetooth port driver; c:\windows\system32\drivers\bthport.sys []
s3 circlass;consumer ir devices; c:\windows\system32\drivers\circlass.sys []
s3 cvirta;cisco systems vpn adapter for 64-bit windows; c:\windows\system32\drivers\cvirta64.sys []
s3 e.dentifier2;smartcard reader abn amro e.dentifier2; c:\windows\system32\drivers\aabed2.sys []
s3 ebdrv;broadcom netxtreme ii 10 gige vbd; c:\windows\system32\drivers\evbda.sys []
s3 errdev;microsoft hardware error device driver; c:\windows\system32\drivers\errdev.sys []
s3 exfat;exfat file system driver; c:\windows\syswow64\drivers\exfat.sys []
s3 filetrace;@%systemroot%\system32\drivers\filetrace.sys,-10001; c:\windows\system32\drivers\filetrace.sys []
s3 fsdepends;@%systemroot%\system32\drivers\fsdepends.sys,-10001; c:\windows\system32\drivers\fsdepends.sys []
s3 fssfltr;fssfltr; c:\windows\system32\drivers\fssfltr.sys []
s3 gagp30kx;microsoft generic agpv3.0 filter for k8 processor platforms; c:\windows\system32\drivers\gagp30kx.sys []
s3 hcw85cir;hauppauge consumer infrared receiver; c:\windows\system32\drivers\hcw85cir.sys []
s3 hdaudaddservice;microsoft 1.1 uaa function driver for high definition audio service; c:\windows\system32\drivers\hdaudio.sys []
s3 hidbatt;hid ups battery driver; c:\windows\system32\drivers\hidbatt.sys []
s3 hidbth;microsoft bluetooth hid miniport; c:\windows\system32\drivers\hidbth.sys []
s3 hidir;microsoft infrared hid driver; c:\windows\system32\drivers\hidir.sys []
s3 hidusb;microsoft hid class driver; c:\windows\system32\drivers\hidusb.sys []
s3 ipmidrv;ipmidrv; c:\windows\system32\drivers\ipmidrv.sys []
s3 iscsiprt;iscsiport driver; c:\windows\system32\drivers\msiscsi.sys []
s3 kbdhid;keyboard hid driver; c:\windows\system32\drivers\kbdhid.sys []
s3 mfeavfk01;mcafee inc.; c:\windows\syswow64\drivers\mfeavfk01.sys []
s3 mferkdet;mcafee inc. mferkdet; c:\windows\system32\drivers\mferkdet.sys []
s3 mouhid;mouse hid driver; c:\windows\system32\drivers\mouhid.sys []
s3 mshidkmdf;@%systemroot%\system32\drivers\mshidkmdf.sys,-100; c:\windows\system32\drivers\mshidkmdf.sys []
s3 msrpc;msrpc; c:\windows\syswow64\drivers\msrpc.sys []
s3 mstee;microsoft streaming tee/sink-to-sink converter; c:\windows\system32\drivers\mstee.sys []
s3 mtconfig;microsoft input configuration driver; c:\windows\system32\drivers\mtconfig.sys []
s3 ndiscap;ndis capture lightweight filter; c:\windows\system32\drivers\ndiscap.sys []
s3 netw5s64;intel(r) wireless wifi link 5000 series adapter driver for windows 7 - 64 bit; c:\windows\system32\drivers\netw5s64.sys []
s3 nv_agp;nvidia nforce agp bus filter; c:\windows\system32\drivers\nv_agp.sys []
s3 ohci1394;1394 ohci compliant host controller (legacy); c:\windows\system32\drivers\ohci1394.sys []
s3 qwavedrv;@%systemroot%\system32\drivers\qwavedrv.sys,-1; c:\windows\system32\drivers\qwavedrv.sys []
s3 rdpbus;remote desktop device redirector bus driver; c:\windows\system32\drivers\rdpbus.sys []
s3 sermouse;serial mouse driver; c:\windows\system32\drivers\sermouse.sys []
s3 sffdisk;sff storage class driver; c:\windows\system32\drivers\sffdisk.sys []
s3 sffp_mmc;sff storage protocol driver for mmc; c:\windows\system32\drivers\sffp_mmc.sys []
s3 sffp_sd;sff storage protocol driver for sdbus; c:\windows\system32\drivers\sffp_sd.sys []
s3 smb;@%systemroot%\system32\tcpipcfg.dll,-50005; c:\windows\system32\drivers\smb.sys []
s3 tcpip6;microsoft ipv6 protocol driver; c:\windows\system32\drivers\tcpip.sys []
s3 tssecsrv;@%systemroot%\system32\drivers\tssecsrv.sys,-101; c:\windows\system32\drivers\tssecsrv.sys []
s3 uagp35;microsoft agpv3.5 filter; c:\windows\system32\drivers\uagp35.sys []
s3 uliagpkx;uli agp bus filter; c:\windows\system32\drivers\uliagpkx.sys []
s3 umpass;microsoft umpass driver; c:\windows\system32\drivers\umpass.sys []
s3 usbaapl64;apple mobile usb driver; c:\windows\system32\drivers\usbaapl64.sys []
s3 usbccgp;microsoft usb generic parent driver; c:\windows\system32\drivers\usbccgp.sys []
s3 usbcir;ehome infrared receiver (usbcir); c:\windows\system32\drivers\usbcir.sys []
s3 usbprint;microsoft usb printer class; c:\windows\system32\drivers\usbprint.sys []
s3 usbstor;usb mass storage driver; c:\windows\system32\drivers\usbstor.sys []
s3 usbuhci;microsoft usb universal host controller miniport driver; c:\windows\system32\drivers\usbuhci.sys []
s3 vga;vga; c:\windows\system32\drivers\vgapnp.sys []
s3 vhdmp;vhdmp; c:\windows\system32\drivers\vhdmp.sys []
s3 wacompen;wacom serial pen hid driver; c:\windows\system32\drivers\wacompen.sys []
s3 wimmount;wimmount; c:\windows\system32\drivers\wimmount.sys [2009-07-14 19008]
s3 wudfrd;wudfrd; c:\windows\system32\drivers\wudfrd.sys []
s4 crcdisk;crcdisk filter driver; c:\windows\system32\drivers\crcdisk.sys []
s4 ws2ifsl;@%systemroot%\system32\drivers\ws2ifsl.sys,-1000; c:\windows\system32\drivers\ws2ifsl.sys []
======list of services (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r2 aestfilters;andrea st filters service; c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\aestsr64.exe [2009-03-03 89600]
r2 apple mobile device;mobiel apple apparaat; c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe [2011-01-05 37664]
r2 audioendpointbuilder;@%systemroot%\system32\audiosrv.dll,-204; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 bfe;@%systemroot%\system32\bfe.dll,-1001; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 bonjour service;bonjour-service; c:\program files (x86)\bonjour\mdnsresponder.exe [2010-07-27 345376]
r2 certpropsvc;@%systemroot%\system32\certprop.dll,-11; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 cvpnd;cisco systems, inc. vpn service; c:\program files (x86)\cisco systems\vpn client\cvpnd.exe [2010-03-23 1528616]
r2 dps;@%systemroot%\system32\dps.dll,-500; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 fontcache;@%systemroot%\system32\fntcache.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 gpsvc;@gpapi.dll,-112; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 hp health check service;hp health check service; c:\program files (x86)\hewlett-packard\hp health check\hphc_service.exe [2010-11-15 126520]
r2 hp power assistant service;hp power assistant service; c:\program files\hewlett-packard\hp power assistant\hppa_service.exe [2009-11-19 102968]
r2 hp wireless assistant service;hp wireless assistant service; c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe [2009-11-19 102968]
r2 hp.skyroom.windows.service;hp skyroom; c:\program files (x86)\hewlett-packard\hp skyroom\hp.skyroom.windows.service.exe [2009-11-20 124984]
r2 hpdrvmntsvc.exe;hp quick synchronization service; c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe [2010-10-14 92216]
r2 hpsrv;hp service; c:\windows\system32\hpservice.exe []
r2 iaantmon;intel(r) matrix storage event monitor; c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe [2010-09-16 354840]
r2 ikeext;@%systemroot%\system32\ikeext.dll,-501; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 iphlpsvc;@%systemroot%\system32\iphlpsvc.dll,-500; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 lms;intel(r) management and security application local management service; c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe [2009-11-04 268824]
r2 mcafee siteadvisor service;mcafee siteadvisor service; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcmpfsvc;mcafee personal firewall service; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcmscsvc;mcafee services; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcnaiann;mcafee virusscan announcer; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcnasvc;mcafee network agent; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcproxy;mcafee proxy service; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 mcshield;mcshield; c:\program files\common files\mcafee\systemcore\\mcshield.exe [2010-08-24 200056]
r2 mfefire;mcafee firewall core service; c:\program files\common files\mcafee\systemcore\\mfefire.exe [2010-10-13 245352]
r2 mfevtp;mcafee validation trust protection service; c:\windows\system32\mfevtps.exe []
r2 mmcss;@%systemroot%\system32\mmcss.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 mpssvc;@%systemroot%\system32\firewallapi.dll,-23090; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 msk80service;mcafee anti-spam service; c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe [2010-03-10 355440]
r2 nlasvc;@%systemroot%\system32\nlasvc.dll,-1; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 nsi;@%systemroot%\system32\nsisvc.dll,-200; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 nvidia performance driver service;nvidia performance driver service; c:\program files\nvidia corporation\performance drivers\nvpdsvc.exe [2009-12-08 6810728]
r2 nvsvc;nvidia display driver service; c:\windows\system32\nvvsvc.exe []
r2 pcasvc;@%systemroot%\system32\pcasvc.dll,-1; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 power;@%systemroot%\system32\umpo.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 profsvc;@%systemroot%\system32\profsvc.dll,-300; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 rgsender;remote graphics sender service; c:\program files (x86)\hewlett-packard\hp skyroom\remote graphics sender\rgsendersvc.exe [2009-11-19 379904]
r2 rpceptmapper;@%windir%\system32\rpcepmap.dll,-1001; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 seaport;seaport; c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe [2010-09-22 249136]
r2 stacsv;audio service; c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe [2010-01-29 244736]
r2 sysmain;@%systemroot%\system32\sysmain.dll,-1000; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 uns;intel(r) management & security application user notification service; c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe [2009-11-04 2320920]
r2 uxsms;@%systemroot%\system32\dwm.exe,-2000; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 vcsfpservice;validity vcs fingerprint service; c:\windows\system32\vcsfpservice.exe [2010-02-18 1664304]
r2 wlansvc;@%systemroot%\system32\wlansvc.dll,-257; c:\windows\system32\svchost.exe [2009-07-14 20992]
r2 wlidsvc;windows live id sign-in assistant; c:\program files\common files\microsoft shared\windows live\wlidsvc.exe [2010-09-21 2286976]
r2 wmpnetworksvc;@%programfiles%\windows media player\wmpnetwk.exe,-101; c:\program files (x86)\windows media player\wmpnetwk.exe []
r2 wsearch;@%systemroot%\system32\searchindexer.exe,-103; c:\windows\system32\searchindexer.exe [2009-07-14 428032]
r3 aelookupsvc;@%systemroot%\system32\aelupsvc.dll,-1; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 appinfo;@%systemroot%\system32\appinfo.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 bthserv;@%systemroot%\system32\bthserv.dll,-101; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 com4qlbex;com4qlbex; c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe [2010-02-25 227896]
r3 fdphost;@%systemroot%\system32\fdphost.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 fdrespub;@%systemroot%\system32\fdrespub.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 fontcache3.0.0.0;@%systemroot%\system32\presentationhost.exe,-3309; c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe [2009-06-10 42840]
r3 homegrouplistener;@%systemroot%\system32\listsvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 homegroupprovider;@%systemroot%\system32\provsvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 hpqwmiex;hp software framework service; c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe [2010-10-14 751672]
r3 ipod service;ipod-service; c:\program files\ipod\bin\ipodservice.exe [2011-01-25 933664]
r3 keyiso;@keyiso.dll,-100; c:\windows\system32\lsass.exe []
r3 netprofm;@%systemroot%\system32\netprofm.dll,-202; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 osppsvc;office software protection platform; c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe [2010-01-09 4925184]
r3 p2pimsvc;@%systemroot%\system32\pnrpsvc.dll,-8004; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 p2psvc;@%systemroot%\system32\p2psvc.dll,-8006; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 pnrpsvc;@%systemroot%\system32\pnrpsvc.dll,-8000; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 wdiservicehost;@%systemroot%\system32\wdi.dll,-502; c:\windows\system32\svchost.exe [2009-07-14 20992]
r3 wdisystemhost;@%systemroot%\system32\wdi.dll,-500; c:\windows\system32\svchost.exe [2009-07-14 20992]
s2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86; c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
s2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64; c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
s2 gupdate;google updateservice (gupdate); c:\program files (x86)\google\update\googleupdate.exe [2011-02-16 135664]
s2 sppsvc;@%systemroot%\system32\sppsvc.exe,-101; c:\windows\system32\sppsvc.exe []
s3 appidsvc;@%systemroot%\system32\appidsvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 axinstsv;@%systemroot%\system32\axinstsv.dll,-103; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 bdesvc;@%systemroot%\system32\bdesvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 defragsvc;@%systemroot%\system32\defragsvc.dll,-101; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 efs;@%systemroot%\system32\efssvc.dll,-100; c:\windows\system32\lsass.exe []
s3 ehrecvr;@%systemroot%\ehome\ehrecvr.exe,-101; c:\windows\ehome\ehrecvr.exe [2010-08-04 696320]
s3 ehsched;@%systemroot%\ehome\ehsched.exe,-101; c:\windows\ehome\ehsched.exe [2009-07-14 127488]
s3 fax;@%systemroot%\system32\fxsresm.dll,-118; c:\windows\system32\fxssvc.exe []
s3 fsssvc;windows live family safety service; c:\program files (x86)\windows live\family safety\fsssvc.exe [2010-09-22 1493352]
s3 gusvc;google software updater; c:\program files (x86)\google\common\google updater\googleupdaterservice.exe [2011-02-16 182768]
s3 idsvc;@%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\servicemodelinstallrc.dll,-8193; c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe [2009-06-10 856384]
s3 ipbusenum;@%systemroot%\system32\ipbusenum.dll,-102; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 ktmrm;@comres.dll,-2946; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 lltdsvc;@%systemroot%\system32\lltdres.dll,-1; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 mcods;mcafee scanner; c:\program files\mcafee\virusscan\mcods.exe [2010-10-07 509416]
s3 microsoft sharepoint workspace audit service;microsoft sharepoint workspace audit service; c:\program files (x86)\microsoft office\office14\groove.exe [2010-03-25 30969208]
s3 msiscsi;@%systemroot%\system32\iscsidsc.dll,-5000; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 ose;office source engine; c:\program files (x86)\common files\microsoft shared\source engine\ose.exe [2010-01-09 149352]
s3 perfhost;@%systemroot%\syswow64\perfhost.exe,-2; c:\windows\syswow64\perfhost.exe [2009-07-14 20992]
s3 pla;@%systemroot%\system32\pla.dll,-500; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 pnrpautoreg;@%systemroot%\system32\pnrpauto.dll,-8002; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 qwave;@%systemroot%\system32\qwave.dll,-1; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 scpolicysvc;@%systemroot%\system32\certprop.dll,-13; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 sdrsvc;@%systemroot%\system32\sdrsvc.dll,-107; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 sensrsvc;@%systemroot%\system32\sensrsvc.dll,-1000; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 sessionenv;@%systemroot%\system32\sessenv.dll,-1026; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 snmptrap;@%systemroot%\system32\snmptrap.exe,-3; c:\windows\system32\snmptrap.exe []
s3 sppuinotify;@%systemroot%\system32\sppuinotify.dll,-103; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 sstpsvc;@%systemroot%\system32\sstpsvc.dll,-200; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 tabletinputservice;@%systemroot%\system32\tabsvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 tbs;@%systemroot%\system32\tbssvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 threadorder;@%systemroot%\system32\mmcss.dll,-102; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 trustedinstaller;@%systemroot%\servicing\trustedinstaller.exe,-100; c:\windows\servicing\trustedinstaller.exe [2009-07-14 194048]
s3 ui0detect;@%systemroot%\system32\ui0detect.exe,-101; c:\windows\system32\ui0detect.exe []
s3 vaultsvc;@%systemroot%\system32\vaultsvc.dll,-1003; c:\windows\system32\lsass.exe []
s3 vds;@%systemroot%\system32\vds.exe,-100; c:\windows\system32\vds.exe []
s3 watadminsvc;@%systemroot%\system32\wat\watux.exe,-601; c:\windows\system32\wat\watadminsvc.exe []
s3 wbengine;@%systemroot%\system32\wbengine.exe,-104; c:\windows\system32\wbengine.exe []
s3 wbiosrvc;@%systemroot%\system32\wbiosrvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wcncsvc;@%systemroot%\system32\wcncsvc.dll,-3; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wcspluginservice;@%systemroot%\system32\wcspluginservice.dll,-200; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wecsvc;@%systemroot%\system32\wecsvc.dll,-200; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wercplsupport;@%systemroot%\system32\wercplsupport.dll,-101; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wersvc;@%systemroot%\system32\wersvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 windefend;@%programfiles%\windows defender\msmpres.dll,-103; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 winhttpautoproxysvc;@%systemroot%\system32\winhttp.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 winrm;@%systemroot%\system32\wsmsvc.dll,-101; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wpcsvc;@%systemroot%\system32\wpcsvc.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s3 wpdbusenum;@%systemroot%\system32\wpdbusenum.dll,-100; c:\windows\system32\svchost.exe [2009-07-14 20992]
s4 clr_optimization_v2.0.50727_32;microsoft .net framework ngen v2.0.50727_x86; c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
s4 clr_optimization_v2.0.50727_64;microsoft .net framework ngen v2.0.50727_x64; c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
s4 mcx2svc;@%systemroot%\ehome\ehres.dll,-15501; c:\windows\system32\svchost.exe [2009-07-14 20992]
s4 nettcpportsharing;@%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\servicemodelinstallrc.dll,-8201; c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe [2009-06-10 116560]
s4 wlcrasvc;windows live mesh remote connections service; c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------eof-----------------

[/hjt]
 
info.txt logfile of random's system information tool 1.08 2011-02-21 13:45:55

======Uninstall list======

µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
ABN AMRO e.dentifier2 software-->MsiExec.exe /X{D820BECD-97D3-4942-B6CF-1B670CA7690C}
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Reader 9.4.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A94000000001}
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
AutocompletePro-->"C:\Program Files (x86)\AutocompletePro\unins000.exe"
CFG_CATIA-5R19-EN-W7Ex86-->MsiExec.exe /X{50629187-2C5B-405A-A8E0-CFB38AF8F719}
Conduit Engine-->C:\PROGRA~2\CONDUI~1\ConduitEngineUninstall.exe
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A004ADA8-EFD6-4CFE-849A-0C91B4C665FC}" "1043" "0"
DirectVobSub (remove only)-->"C:\Program Files (x86)\DirectVobSub\uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP Common Access Service Library-->MsiExec.exe /I{58215966-9BA6-485D-B8DA-4AE31150B92E}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{884F42B0-4BDD-46C1-BED5-E7FCFB9BF3A2}
HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0409 -removeonly uninst
HP QuickLook-->MsiExec.exe /X{11840A12-B637-4821-9137-7D3AF1FED256}
HP QuickWeb-->MsiExec.exe /X{7861911B-4270-498A-8F7A-FCF0570F484B}
HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}\setup.exe" -l0x9 -removeonly
HP SkyRoom-->"C:\Program Files (x86)\InstallShield Installation Information\{17DA6412-EC90-42D1-A9A4-661416750025}\setup.exe" -runfromtemp -l0x0413 -removeonly
HP SkyRoom-->MsiExec.exe /I{17DA6412-EC90-42D1-A9A4-661416750025}
HP SoftPaq Download Manager-->MsiExec.exe /I{E1CD7FC4-98F6-4A14-A8C8-A01D6F6F8FC3}
HP Software Setup-->MsiExec.exe /X{04801E42-B1A6-4C52-9F3D-CADB5A050433}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP User Guides 0159-->MsiExec.exe /X{5D205683-5AC7-4BBA-B45F-EC31DF297643}
HP Wallpaper-->MsiExec.exe /X{F173C2B3-296F-458C-98FF-1676A42EBA02}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
McAfee Internet Security-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B}
Microsoft Office Access MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}
Microsoft Office Groove MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Dutch) 2010-->MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2010-->MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2010-->MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2010-->MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2010-->MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit-->MsiExec.exe /X{95140000-007D-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
NEC Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x0409 -removeonly
NEC Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
Pro Evolution Soccer 2011 DEMO-->MsiExec.exe /X{336C4194-47FA-40A8-8D65-21000CA5186E}
QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A}
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Remote Graphics Receiver-->"C:\Program Files (x86)\InstallShield Installation Information\{16FC3056-90C0-4757-8A68-64D8DA846ADA}\setup.exe" -runfromtemp -l0x0009 -removeonly
Remote Graphics Sender-->"C:\Program Files (x86)\InstallShield Installation Information\{2A08C71B-CC60-42EA-8DA2-FE5486E3B20B}\setup.exe" -runfromtemp -l0x0009 -removeonly
RICOH Media Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{F5CC2EF8-20A4-4366-A681-3FE849E65809}\SETUP.EXE" -runfromtemp -l0x0009 anything -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1043" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1043" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1043" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1043" "0"
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1043" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1043" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1043" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1043" "0"
Update for Microsoft OneNote 2010 (KB2433299)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{6C845127-B949-4D76-A732-BCB396AD9AA5}" "1043" "0"
Update for Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{75F91382-920C-4AE1-B9E6-FFFCEDA797E8}" "1043" "0"
Update voor Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{22DEE24B-27D5-43EE-8F54-751956C93477}" "1043" "0"
uTorrentBar_NL Toolbar-->C:\PROGRA~2\UTORRE~1\UNWISE.EXE /U C:\PROGRA~2\UTORRE~1\INSTALL.LOG
Windows 7 Default Setting-->MsiExec.exe /I{5BF8E079-D6E2-4323-B794-75152371122A}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: RFMollee-HP
Event Code: 20
Message: Installation Failure: Windows failed to install the following update with error 0x80080005: Update for Windows 7 for x64-based Systems (KB2388210).
Record Number: 25869
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20101028081508.415612-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: RFMollee-HP
Event Code: 10010
Message: The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.
Record Number: 25867
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20101028081503.000000-000
Event Type: Error
User:

Computer Name: RFMollee-HP
Event Code: 17
Message: A corrected hardware error has occurred.

Component: PCI Express Root Port
Error Source: Advanced Error Reporting (PCI Express)

Bus:Device:Function: 0x0:0x3:0x0
Vendor ID:Device ID: 0x8086:0xd138
Class Code: 0x30400

The details view of this entry contains further information.
Record Number: 25846
Source Name: Microsoft-Windows-WHEA-Logger
Time Written: 20101028081348.615210-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: RFMollee-HP
Event Code: 27
Message: Intel(R) 82577LM Gigabit Network Connection
Network link is disconnected.

Record Number: 25842
Source Name: e1kexpress
Time Written: 20101028081343.311201-000
Event Type: Warning
User:

Computer Name: RFMollee-HP
Event Code: 516
Message: Process **\MCSVHOST.EXE pid (1028) contains signed but untrusted code, but was allowed to perform a privileged operation with a McAfee driver.
Record Number: 25833
Source Name: mfehidk
Time Written: 20101027194836.133236-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: RFMollee-HP
Event Code: 1
Message: LMS Service cannot connect to Intel(R) MEI driver
Record Number: 1210
Source Name: LMS
Time Written: 20100911191216.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RFMollee-HP
Event Code: 10005
Message: Product: iTunes -- Dit installatieprogramma van iTunes is bedoeld voor 32-bits versies van Windows. Download en installeer het installatieprogramma voor de 64-bits versie van iTunes.
Record Number: 1173
Source Name: MsiInstaller
Time Written: 20100911175922.000000-000
Event Type: Error
User: RFMollee-HP\Radz

Computer Name: RFMollee-HP
Event Code: 59
Message: Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll" on line 2. Invalid Xml syntax.
Record Number: 1124
Source Name: SideBySide
Time Written: 20100911171602.000000-000
Event Type: Error
User:

Computer Name: RFMollee-HP
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
6 user registry handles leaked from \Registry\User\S-1-5-21-2642140197-1645424346-2896816342-1000:
Process 704 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000\Software\Policies
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Process 1056 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2642140197-1645424346-2896816342-1000\Software

Record Number: 1016
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100911161839.471071-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RFMollee-HP
Event Code: 11
Message: Possible Memory Leak. Application (C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 148) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 1013
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20100911160938.475707-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

=====Security event log=====

Computer Name: RFMollee-HP
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 547
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100911160849.725622-000
Event Type: Audit Success
User:

Computer Name: RFMollee-HP
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: RFMOLLEE-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x290
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 546
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100911160849.725622-000
Event Type: Audit Success
User:

Computer Name: RFMollee-HP
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 545
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100911160416.078539-000
Event Type: Audit Success
User:

Computer Name: RFMollee-HP
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: RFMOLLEE-HP$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x290
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 544
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100911160416.078539-000
Event Type: Audit Success
User:

Computer Name: RFMollee-HP
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-2642140197-1645424346-2896816342-1000
Account Name: Radz
Domain Name: RFMollee-HP
Logon ID: 0xebd80
Record Number: 543
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100911155039.165127-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\MATLAB\R2009bSP1\runtime\win64;C:\Program Files\MATLAB\R2009bSP1\bin;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 30 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=1e05
"OnlineServices"=Online Services
"Platform"=BNB
"PCBRAND"=w
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
 
Your log mentions Microsoft Windows 7 Home Premium Service Pack 3. How can you already have SP3 when SP1 isn't even out yet for Windows 7? I think you've been swindled with a Vista.
 
Hi moravan, I can't quite put my finger on it yet, but that you have problems with your Windows, that much is clear!


First, run the following scan:

Which program: Malwarebytes MBAM
What for/why: a specialised scanner to quickly examine Windows for spyware and malware and to remove it.
Difficulty: none.

Download Malwarebytes MBAM from one of these locations:

First of all:
  • Right after installation, 'MBAM' will want to update its database, so allow this.
  • Also on repeated use: first update 'MBAM' via the 'Update' tab!
Starting Malwarebytes MBAM:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.

Scanning:
  • When 'MBAM' starts, choose 'Quick Scan'.
  • Scanning can take a while, so be patient. When the scan has finished, click the 'OK' button.
  • Then click the 'Show Results' button to see the results.
Infections found:
  • First click OK to dismiss the message.
  • Then click the Show Results button at the bottom right.
  • Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
  • After removal, a log will open and you will be asked to restart the computer.
  • If 'MBAM' has trouble removing certain files, it will show a few messages; click 'OK' each time!
  • After that, 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
MBAM log:
  • The log is saved automatically by 'MBAM', and you can find it by clicking the 'Logs' tab in the MBAM main menu.
Then post the contents of the MBAM log in your next message.
 
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversie: 5829

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21-2-2011 14:48:38
mbam-log-2011-02-21 (14-48-38).txt

Scantype: Snelle scan
Objecten gescand: 161590
Verstreken tijd: 3 minuut/minuten, 34 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 4

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
c:\Users\Radz\AppData\Local\Temp\~osED6D.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\Users\Radz\AppData\Local\Temp\~osED6D.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\Users\Radz\AppData\Local\Temp\~osED6D.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\Users\Radz\AppData\Local\Temp\~osED6D.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
 