info.txt logfile of random's system information tool 1.10 2015-07-25 22:20:27 ======MBR====== 0x33C08ED0BC007CFB8EC08ED88BF4BF0006B90002FCF3A4EA60060000000000005265636F766572794D677220000892230000000000000000000000000000000000000000000000000000000000000D0A0000000057000000FFFFFFFFFFFFFFFF864CBDBE3006ACB40E33DBCD100AC075F5E30BFE0613065353E86D00EB36B8125F66BA5150485FCD1580E3017420EB248B166C04FA66A11C06BF5406B103F266AFFB740AA13D0000C283F82476E6B00184C0751CBBC67D668B37668B3E2C06663BF7740780C31073EEEB05BB2806EB10BBC27D807FFC00780780C31073F5EBFE66FF7704E80200FFE4C8100000B408B280CD138AC1243FFEC68AD8F6E6C0E90686CD4191F7E13956068B56068B4604731CF7F19192F6F386CDC0E10602CC418AF0B80102BB007C86261306EB1483C4100E0E52500E68007C6A016A108BF4B80042B280CD13C9C204001E50530E1FBB1B06A01704240F884704E4603CE0741A3C1D74103C2A740C3C3674083C38740484C0790666832700EB06FE07021F88075B581FEA000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007830CC2000080202100077E25190008000000380600007E261907FEFFFF0040060000C88B2300FEFFFF07FEFFFF0008922300A0AD0100FEFFFF0CFEFFFF00A83F25B03A030055AA ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 2 Revolution\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Bob the Builder Can-Do-Zoo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Build-a-lot 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Build-a-lot 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chocolatier - Decadence by Design\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Eighteen Wheels of Steel Haulin'\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Farm Frenzy - Pizza Party\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\FATE Undiscovered Realms\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\John Deere Drive Green\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Liong - The Lost Amulets\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mortimer Beckett and the Time Paradox\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mystery P.I. - The New York Fortune\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mystery P.I. - The Vegas Heist\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Super Collapse 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\The Hidden Object Game Show\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Totem Tribe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\World of Goo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall Aangifte inkomstenbelasting 2013-->C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013u.exe Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 18 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe -maintain activex Adobe Flash Player 18 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_Plugin.exe -maintain plugin Adobe Reader 9.5.5 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} AMD USB Filter Driver-->MsiExec.exe /X{5271C0D4-24E4-4C3D-A782-C012033FD3CF} Apple Application Support (32-bit)-->MsiExec.exe /I{7FE25256-B7C1-480D-B736-10A67A833AEA} Apple Application Support (64-bit)-->MsiExec.exe /I{B255D495-4734-4E9B-B4F5-96702FD4A7B9} Apple Mobile Device Support-->MsiExec.exe /I{5D61F006-168C-4B8B-B7FD-F113C10AE0E4} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Ask Toolbar-->MsiExec.exe /X{4F524A2D-5637-006A-76A7-A758B70C0A03} Atheros Driver Installation Program-->C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0013 AVG 2015-->"C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" /AppMode=SETUP /Uninstall /UDS=1 AVG 2015-->MsiExec.exe /I{60617D41-12B1-4D1F-B826-985727E26121} AVG 2015-->MsiExec.exe /I{675D33E3-C95C-495C-9019-FB2987D0FB2C} AVG Security Toolbar-->C:\Program Files (x86)\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL Babylon toolbar -->"C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\GUninstaller.exe" -nowait -ucrmex -uprtc -key BabylonToolbar BabylonObjectInstaller-->MsiExec.exe /I{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Bandoo-->C:\Program Files (x86)\Bandoo\uninstaller.exe BearShare-->"C:\ProgramData\{073730B2-6CAE-4854-85C6-D25002372130}\BearShare_V10_en_Setup.exe" REMOVE=TRUE MODIFY=FALSE BearShare-->C:\ProgramData\{073730B2-6CAE-4854-85C6-D25002372130}\BearShare_V10_en_Setup.exe Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Catalyst Control Center - Branding-->MsiExec.exe /I{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7} Comodo Dragon-->"C:\Program Files (x86)\Comodo\Dragon\uninstall.exe" Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE} CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} ENE CIR Receiver Driver-->C:\PROGRA~1\DIFX\3BD8E4BC84D41A4F\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\enecir.inf_amd64_neutral_acae3f801586bfb8\enecir.inf FrostWire 5.4.0-->C:\Program Files (x86)\FrostWire 5\Uninstall.exe Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Desktop-->C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} HP 3D DriveGuard-->MsiExec.exe /X{601871C3-CAFA-4244-B67D-36EC9AFA67EC} HP Advisor-->MsiExec.exe /X{B53E61D7-7C80-40DF-82D2-CF5390D6D20A} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe" HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall HP MediaSmart DVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe" /z-uninstall HP MediaSmart Internet TV-->"C:\Program Files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe" /z-uninstall HP MediaSmart Internet TV-->"C:\Program Files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe" /z-uninstall HP MediaSmart Live TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall HP MediaSmart Live TV-->"C:\Program Files (x86)\InstallShield Installation Information\{67626E09-5366-4480-8F1E-93FADF50CA15}\setup.exe" /z-uninstall HP MediaSmart Movie Themes-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall HP MediaSmart Movie Themes-->"C:\Program Files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe" /z-uninstall /zMS HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall HP MediaSmart Music/Photo/Video-->"C:\Program Files (x86)\InstallShield Installation Information\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\setup.exe" /z-uninstall /zMS HP MediaSmart SmartMenu-->MsiExec.exe /X{88E60521-1E4E-4785-B9F1-1798A4BD0C30} HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall HP MediaSmart Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall /z HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x0413 -removeonly uninst HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}\setup.exe" -l0x9 -removeonly HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Update-->MsiExec.exe /X{D46D081B-F60E-467E-A7C4-117B70D76731} HP User Guides 0153-->MsiExec.exe /X{2EBA8202-FBD5-4004-81EA-BDC38C054CE2} HP Wireless Assistant-->MsiExec.exe /X{4E432692-A736-4F77-AF77-F9078CF88D31} Huur- en zorgtoeslag 2009-->C:\Program Files (x86)\Belastingdienst\Huur- en zorgtoeslag\2009\hz2009u.exe Huur- en zorgtoeslag 2010-->C:\Program Files (x86)\Belastingdienst\Huur- en zorgtoeslag\2010\hz2010u.exe IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly iMesh-->"C:\Program Files (x86)\iMesh Applications\iMesh\uninstall.exe" iMesh-->C:\ProgramData\{063E9DDA-F20A-433E-8E87-63C820E7C6EC}\iMesh_V12_en_Setup.exe iSkysoft Video Converter Ultimate(Build 5.4.2.2)-->"C:\Program Files\iSkysoft\Video Converter Ultimate\unins000.exe" iTunes-->MsiExec.exe /I{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3} Java 8 Update 31 (64-bit)-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F86418031F0} Java 8 Update 31-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218031F0} JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LG PC Suite-->C:\Program Files (x86)\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x0013 -removeonly LG USB Modem driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x9 LG -removeonly LightScribe System Software-->MsiExec.exe /X{82EF29B1-9B60-4142-A155-0599216DD053} Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe" Media Player Product Tool 5.32-->MsiExec.exe /I{9E17C94B-913A-48A4-B1A8-8CE25157C170} Microsoft .NET Framework 4.5.1 (Nederlands)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\NLD\\Setup.exe /repair /x86 /x64 /lcid 1043 Microsoft .NET Framework 4.5.1 (NLD)-->MsiExec.exe /X{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09} Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (Dutch)-->MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175-->MsiExec.exe /X{aac9fcc4-dd9e-4add-901c-b5496a07ab2e} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD} Mozilla Firefox 32.0.3 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Music Toolbar for Chrome (Dist. by Bandoo Media, Inc.)-->C:\PROGRA~2\MUSICT~1\Datamngr\SR0DE~39\uninstall.exe /UN=GC /PID=BDO2-DTX Music Toolbar for Firefox (Dist. by Bandoo Media, Inc.)-->C:\PROGRA~2\MUSICT~1\Datamngr\SR0DE~39\FF\uninstall.exe /UN=FF /PID=BDO2-DTX Music Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)-->C:\PROGRA~2\MUSICT~1\Datamngr\SR0DE~39\IE\uninstall.exe /UN=IE /PID=BDO2-DTX My Web Search (Smiley Central)-->rundll32 C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwsbar.dll,O mystartsearch uninstall-->C:\Users\Edwine\AppData\Roaming\mystartsearch\UninstallManager.exe -ptid=cmi Nitro Reader 2-->MsiExec.exe /X{F917FA53-5E24-4456-BAFF-01718635E77D} Norton Online Backup activeren-->MsiExec.exe /I{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} Norton Security-->"C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS\562C4DD5\22.0.0.110\InstStub.exe" /X /ARP ooVoo-->MsiExec.exe /X{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623} Open It!-->"C:\Program Files (x86)\OpenIt\Open It!\uninstall.exe" oursurfing uninstall-->C:\Users\Edwine\AppData\Roaming\oursurfing\UninstallManager.exe -ptid=exp Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerRecover-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall PPricaeLess-->"C:\Program Files (x86)\PPricaeLess\jyXbgDGMYyNjNF.exe" /s /n /i:"ExecuteCommands;UninstallCommands" "" PriceGong 2.1.0-->C:\Program Files (x86)\PriceGong\uninst.exe QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A} Realtek 8136 8168 8169 Ethernet Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Registry Dr-->MsiExec.exe /X{A6A9374C-4A54-4F08-AF5A-F893F0B6B900} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C} Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0} Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697} Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809} Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784} Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562} Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1} Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5} Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D08B187F-0D9B-42AC-956E-F46AEC899742} Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F} Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {950FA8CA-FA83-4082-A79B-BCE05762A9EE} Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {D1314007-2EBB-4566-B0AD-C1EEC4262BC4} Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C79D9A1A-32DB-4B96-BC3C-772000D6FAB1} Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BBB81235-8EE6-411F-903E-F83DB17B7B34} Security Update for Microsoft Office Excel 2007 (KB2965281) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD9450A7-E94D-4E46-94A6-56CDA2942D62} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office PowerPoint 2007 (KB2965283) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {37A67A09-6699-44FC-BD47-0436ABCDE6B1} Security Update for Microsoft Office Word 2007 (KB3054996) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8AE9CB9F-A7F4-4B2A-A3C6-89FD03176C7E} Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701} Skype™ 7.6-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} Support PL 1.1-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~2\SYSTEM~1\SYSTEM~1.DLL",_uninstall /un SweetIM for Messenger 3.5-->MsiExec.exe /X{97B4DF0B-7499-455F-AFBA-F70F64D6D86A} Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3} Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA} Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F} Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2} Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49} Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F} Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484} Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Vuze-->C:\Program Files (x86)\Vuze\uninstall.exe Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C} Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27} Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11} Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Searchqu Toolbar-->C:\Program Files (x86)\Windows Searchqu Toolbar\uninstall.exe Yontoo 2.053-->C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe /remove /q0 ======System event log====== Computer Name: Serenity Event Code: 7036 Message: De UPnP Device Host-service heeft nu de status wordt uitgevoerd. Record Number: 23160397 Source Name: Service Control Manager Time Written: 20150211064925.283698-000 Event Type: Informatie User: Computer Name: Serenity Event Code: 7002 Message: Melding van gebruikersafmelding voor het Programma voor verbetering van klantervaringen Record Number: 23160396 Source Name: Microsoft-Windows-Winlogon Time Written: 20150211064924.503696-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: Serenity Event Code: 14205 Message: De service WMPNetworkSvc is gestopt. Record Number: 23160395 Source Name: Microsoft-Windows-WMPNSS-Service Time Written: 20150211064926.000000-000 Event Type: Informatie User: Computer Name: Serenity Event Code: 1074 Message: Het proces C:\Windows\system32\winlogon.exe (SERENITY) heeft het afsluiten van computer SERENITY namens Serenity\Edwine geïnitialiseerd. Reden: Er is geen titel voor deze reden gevonden Code: 0x500ff Type afsluiting: afsluiten Opmerking: Record Number: 23160394 Source Name: USER32 Time Written: 20150211064924.000000-000 Event Type: Informatie User: Serenity\Edwine Computer Name: Serenity Event Code: 1074 Message: Het proces Explorer.EXE heeft het afsluiten van computer SERENITY namens Serenity\Edwine geïnitialiseerd. Reden: Overige (niet gepland) Code: 0x0 Type afsluiting: afsluiten Opmerking: Record Number: 23160393 Source Name: USER32 Time Written: 20150211064911.000000-000 Event Type: Informatie User: Serenity\Edwine =====Application event log===== Computer Name: Serenity Event Code: 9009 Message: Beheer van bureaubladvensters is afgesloten met code 0x40010004 Record Number: 106802 Source Name: Desktop Window Manager Time Written: 20140801130753.000000-000 Event Type: Informatie User: Computer Name: Serenity Event Code: 0 Message: PowerEvent is verwerkt door de service. Record Number: 106801 Source Name: HP Support Assistant Service Time Written: 20140801130749.000000-000 Event Type: Informatie User: Computer Name: Serenity Event Code: 10001 Message: Session 0 beëindigen die is gestart om ‎2014‎-‎08‎-‎01T10:48:07.301505100Z. Record Number: 106800 Source Name: Microsoft-Windows-RestartManager Time Written: 20140801104824.677744-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: Serenity Event Code: 1042 Message: De volgende Windows Installer-transactie wordt beëindigd: C:\Windows\TEMP\Low\SkypeClickToCall\Download\SkypeToolbars.msi. Id van clientproces: 5752. Record Number: 106799 Source Name: MsiInstaller Time Written: 20140801104824.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: Serenity Event Code: 1033 Message: Het product is geïnstalleerd. Productnaam: Skype Click to Call. Productversie: 7.3.16540.9015. Producttaal: 1033. Fabrikant: Microsoft Corporation. Fabrikant: Microsoft Corporation. Status van geslaagde/mislukte installatie: 0. Record Number: 106798 Source Name: MsiInstaller Time Written: 20140801104824.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM =====Security event log===== Computer Name: Serenity Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SERENITY$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 2 Nieuwe aanmelding: Beveiligings-id: S-1-5-21-3035429546-2157832359-1196552001-1000 Accountnaam: Edwine Accountdomein: Serenity Aanmeldings-id: 0xfa4e0 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x3a4 Naam proces: C:\Windows\System32\winlogon.exe Netwerkgegevens: Naam van werkstation: SERENITY Netwerkadres van bron: 127.0.0.1 Poort van bron: 0 Gedetailleerde verificatiegegevens: Aanmeldingsproces: User32 Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 92971 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140513071459.551782-000 Event Type: Controle geslaagd User: Computer Name: Serenity Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SERENITY$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: Edwine Accountdomein: Serenity Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x3a4 Procesnaam: C:\Windows\System32\winlogon.exe Netwerkgegevens: Netwerkadres: 127.0.0.1 Poort: 0 Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 92970 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140513071459.551782-000 Event Type: Controle geslaagd User: Computer Name: Serenity Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 92969 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140513071115.192191-000 Event Type: Controle geslaagd User: Computer Name: Serenity Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SERENITY$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x2ec Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 92968 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140513071115.192191-000 Event Type: Controle geslaagd User: Computer Name: Serenity Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 92967 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140513071002.121664-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=0602 "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Pavilion "asl.log"=Destination=file -----------------EOF-----------------