info.txt logfile of random's system information tool 1.10 2016-02-25 14:59:25 ======MBR====== 0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F85100183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731EFE4E110F850C00807E00800F848A00B280EB825532E48A5600CD135DEB9C813EFE7D55AA756EFF7600E88A000F851500B0D1E664E87F00B0DFE660E87800B0FFE664E87100B800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C0074FCBB0700B40ECD10EBF22BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D00000000627A99FCC08A5300000020210007FEFFFF0008000000A8A93100FEFFFF07FEFFFF00B0A93100A08E08000000000000000000000000000000000000000000000000000000000000000055AA ======Uninstall list====== 64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854} Adobe Flash Player 20 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_306_ActiveX.exe -maintain activex Adobe Reader X (10.1.16)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824166751} AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850} Apple Application Support (64-bit)-->MsiExec.exe /I{0DE0A178-AC7B-4650-806C-CF226DE03766} Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} ATI Catalyst Install Manager-->msiexec /q/x{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4} REBOOT=ReallySuppress Audacity 2.1.0-->"C:\Program Files (x86)\Audacity\unins000.exe" Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall Bing Bar-->MsiExec.exe /X{449CE12D-E2C7-4B97-B19E-55D163EA9435} Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Citrix Authentication Manager-->MsiExec.exe /X{DB1C49C7-AC32-4785-A281-774744FC78F5} Citrix Receiver (HDX Flash Redirection)-->MsiExec.exe /I{D18F2C15-CF22-422C-B696-6ACBB8575B9D} Citrix Receiver Inside-->MsiExec.exe /I{332E9FC3-FCE6-4ACF-A799-B7C052779125} Citrix Receiver Updater-->MsiExec.exe /X{E29EC0B3-86B6-4E13-B638-94AAC8B21D9B} Citrix Receiver(Aero)-->MsiExec.exe /X{5EBE618C-A9B3-4800-8A19-FA5B81CD909E} Citrix Receiver(DV)-->MsiExec.exe /X{391EAACB-F137-4CA0-B9F2-41502652E206} Citrix Receiver(USB)-->MsiExec.exe /I{8DA35C91-E908-4CED-AA47-0E562794ED81} Citrix Receiver-->C:\ProgramData\Citrix\Citrix Receiver\TrolleyExpress.exe /uninstall /cleanup D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Dropbox Update Helper-->MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} Dropbox-->"C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE eLicenser Control-->C:\PROGRA~2\ELICEN~1\UNWISE.EXE C:\PROGRA~2\ELICEN~1\INSTALL.LOG Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HD Tune 2.55-->"C:\Program Files (x86)\HD Tune\unins000.exe" HitmanPro 3.7-->"C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall HP Customer Participation Program 13.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot HP Deskjet All-In-One Driver Software 13.0 Rel. 1-->C:\Program Files (x86)\HP\Digital Imaging\{EB773820-0871-46A8-9B96-F2B04F8B34F0}\setup\hpzscr40.exe -datfile hposcr14.dat -onestop -forcereboot HP Imaging Device Functions 13.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential 3.5-->C:\Program Files (x86)\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot HP Smart Web Printing 4.51-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 13.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} HPDiagnosticAlert-->MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE} Java 8 Update 71 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418071F0} Java 8 Update 73-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218073F0} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} KPN Back-up Online-->"C:\Program Files\KPN Back-up Online\BackupIP.exe" u -interactive -path "C:\Program Files\KPN Back-up Online" -sure LAME v3.99.3 (for Windows)-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe" Magic ISO Maker v5.5 (build 0281)-->C:\PROGRA~2\MagicISO\UNWISE.EXE C:\PROGRA~2\MagicISO\INSTALL.LOG MagicDisc 2.7.106-->C:\PROGRA~2\MAGICD~1\UNWISE.EXE C:\PROGRA~2\MAGICD~1\INSTALL.LOG Malwarebytes Anti-Malware versie 2.2.0.1024-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Messenger Companion-->MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029} Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{4567EA14-6BCA-3EF9-859B-92CE48B1D704} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} MP3 Cutter 1.9-->"C:\Program Files (x86)\MP3 Cutter\unins000.exe" MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Online Plug-in-->MsiExec.exe /I{FE35A45A-2F1B-4193-B7FC-1CBF7EB349F0} Polar FlowSync versie 2.6.2-->"C:\Program Files (x86)\Polar\Polar FlowSync\unins000.exe" PowerLine Utility-->MsiExec.exe /I{A0384ECE-2017-4EA8-86C7-513ACB936BDF} QuickTime 7-->MsiExec.exe /I{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -removeonly Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe -k -m -nrg2709 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly Revo Uninstaller Pro 3.1.5-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe" Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15} Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A33F3451-9AD4-46C0-9CDB-AA38071CDAB5} Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0} Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697} Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019} Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019} Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784} Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562} Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1} Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96} Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5} Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F} Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE} Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0AA6E922-462D-4938-9B01-0EE8003036F6} Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition -->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {8284AD45-2361-4B94-8DA6-8BD4CFAEA59C} Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {338CAB95-B75C-4A6E-92D8-7CA7BA4EE3D0} Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813} Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114548) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4B72B1EC-2621-4C25-940F-994D62301CDE} Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114745) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D1BC637-A240-40D6-ADA7-692106DC3E2C} Security Update for Microsoft Office Excel 2007 (KB3114741) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FB50942F-F59A-4898-989A-74CB4093F446} Security Update for Microsoft Office InfoPath 2007 (KB2687406) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D77213A-D6B1-4D2D-813D-99C6F599B75D} Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5} Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26BD5742-76C6-460F-97CB-356F0DB338FE} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B9E85A9D-2565-4DDC-A21D-34DACF7D716A} Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {724051CF-E09E-4F84-9946-F5014AB7389B} Security Update for Microsoft Office Word 2007 (KB3114748) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FDA1D66-55E9-4D4E-96DC-2B9CAC5DD101} Self-service Plug-in-->MsiExec.exe /X{F27B8F8F-25EF-4198-96AD-F611FFE0985B} Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Speccy-->"C:\Program Files\Speccy\uninst.exe" Steinberg Eucon Adapter 6.5 64bit-->MsiExec.exe /I{95D90857-61C2-4927-85FF-A317E46E7351} Steinberg Groove Agent ONE Allen Morgan Signature Drums-->MsiExec.exe /I{611A7035-0172-4B9B-8BB6-5046F6867D8A} Steinberg Groove Agent ONE Content-->MsiExec.exe /I{BD86F1AC-B594-46E4-85DC-1258AC9E2232} Steinberg Groove Agent ONE Vintage Beatboxes-->MsiExec.exe /I{DBF4BC99-53F1-4C97-84C3-7557D103E182} Steinberg HALion Sonic SE 64bit-->MsiExec.exe /I{B99C316B-C135-43B5-8E77-2BC5E241F964} Steinberg HALion Sonic SE Content-->MsiExec.exe /I{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82} Steinberg LoopMash Content 2-->MsiExec.exe /I{88C337F0-4CF2-4098-BDC0-D94859ECA2B4} Steinberg LoopMash Content-->MsiExec.exe /I{4D454CF8-12FD-464D-B57B-B46FE27B78BB} Steinberg Midi Loop Library-->MsiExec.exe /I{89DE2651-6DD9-4C15-AC94-8348362D456C} Steinberg Padshop 64bit-->MsiExec.exe /I{75F15019-C0C2-4047-AA45-97B4BD313719} Steinberg Retrologue 64bit-->MsiExec.exe /I{4D65ECE6-131D-4B5F-8470-2750D3161619} Steinberg REVerence Content 01-->MsiExec.exe /I{532B917B-8235-4FA5-BE36-643A8BB053A5} Steinberg Upload Manager-->MsiExec.exe /I{88BBBD8F-4C19-4809-B84B-7A8F8238B48D} Steinberg VST Amp Rack Content 01-->MsiExec.exe /I{8CBA7E47-48DA-47DC-8E98-6984BA830295} Sweex Connected Home Universal Wireless Driver-->C:\Program Files (x86)\InstallShield Installation Information\{30575C28-305D-4032-B2CC-41A8291D7B82}\setup.exe -runfromtemp -l0x0009 -removeonly Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1043 /parameterfolder ClientLP TuneUp Utilities 2013-->C:\Program Files (x86)\TuneUp Utilities 2013\TUInstallHelper.exe --Trigger-Uninstall Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3} Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA} Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA} Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2} Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5} Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656} Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B} Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114743) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {03C2AE93-8001-4D17-8928-1EF23990A2C8} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} Vuze-->C:\Program Files\Vuze\uninstall.exe Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073} Windows Live Family Safety-->MsiExec.exe /I{944E73EF-857E-4F71-9DC4-CD059D7ADDEF} Windows Live Family Safety-->MsiExec.exe /X{0D87AE67-14EB-4C10-88A5-DA6C3181EB18} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C} Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F} Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5} Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B} Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55} Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} WinPcap 4.1.2-->C:\Program Files (x86)\WinPcap\uninstall.exe WinRAR 5.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe ======Hosts File====== 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ======System event log====== Computer Name: NIEUW-SYSTEEM Event Code: 26 Message: De volgende statuswaarden zijn beschikbaar op de processor 0 in de groep 0: 1 inactief 4 prestaties 0 vertraging Record Number: 43715 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20140117022004.078416-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: NIEUW-SYSTEEM Event Code: 6 Message: Bestandssysteemfilter 'aswSP' (6.0, ‎2013‎-‎12‎-‎09T08:09:54.000000000Z) is geladen en bij Filterbeheer geregistreerd. Record Number: 43714 Source Name: Microsoft-Windows-FilterManager Time Written: 20140117022002.534014-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: NIEUW-SYSTEEM Event Code: 6 Message: Bestandssysteemfilter 'aswSnx' (6.0, ‎2013‎-‎12‎-‎16T23:29:51.000000000Z) is geladen en bij Filterbeheer geregistreerd. Record Number: 43713 Source Name: Microsoft-Windows-FilterManager Time Written: 20140117022001.473212-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: NIEUW-SYSTEEM Event Code: 6 Message: Bestandssysteemfilter 'FileInfo' (6.1, ‎2009‎-‎07‎-‎14T00:34:25.000000000Z) is geladen en bij Filterbeheer geregistreerd. Record Number: 43712 Source Name: Microsoft-Windows-FilterManager Time Written: 20140117021954.718400-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: NIEUW-SYSTEEM Event Code: 12 Message: Het besturingssysteem wordt gestart op systeemtijd ‎2014‎-‎01‎-‎17T02:19:54.375199800Z. Record Number: 43711 Source Name: Microsoft-Windows-Kernel-General Time Written: 20140117021954.671600-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: NIEUW-SYSTEEM Event Code: 8194 Message: Herstelpunt is gemaakt (proces = C:\Windows\system32\msiexec.exe /V; beschrijving = Installed Java 7 Update 25). Record Number: 6361 Source Name: System Restore Time Written: 20130728194911.000000-000 Event Type: Informatie User: Computer Name: NIEUW-SYSTEEM Event Code: 1040 Message: De volgende Windows Installer-transactie wordt gestart: C:\Users\Administrator\AppData\LocalLow\Sun\Java\jre1.7.0_25\jre1.7.0_25.msi. Id van clientproces: 5908. Record Number: 6360 Source Name: MsiInstaller Time Written: 20130728194859.000000-000 Event Type: Informatie User: NIEUW-SYSTEEM\Administrator Computer Name: NIEUW-SYSTEEM Event Code: 8224 Message: De VSS-service is vanwege een time-out voor niet actief afgesloten. Record Number: 6359 Source Name: VSS Time Written: 20130728193715.000000-000 Event Type: Informatie User: Computer Name: NIEUW-SYSTEEM Event Code: 8194 Message: Herstelpunt is gemaakt (proces = C:\Windows\System32\svchost.exe -k secsvcs; beschrijving = Windows Defender Checkpoint). Record Number: 6358 Source Name: System Restore Time Written: 20130728193410.000000-000 Event Type: Informatie User: Computer Name: NIEUW-SYSTEEM Event Code: 8194 Message: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {d30680f0-1acc-44bb-8652-6ef2fba875a6} Record Number: 6357 Source Name: VSS Time Written: 20130728193356.000000-000 Event Type: Fout User: =====Security event log===== Computer Name: NIEUW-SYSTEEM Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 27309 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130728193352.596981-000 Event Type: Controle geslaagd User: Computer Name: NIEUW-SYSTEEM Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: NIEUW-SYSTEEM$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x268 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 27308 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130728193352.596981-000 Event Type: Controle geslaagd User: Computer Name: NIEUW-SYSTEEM Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 27307 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130728193352.284980-000 Event Type: Controle geslaagd User: Computer Name: NIEUW-SYSTEEM Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: NIEUW-SYSTEEM$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x268 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 27306 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130728193352.284980-000 Event Type: Controle geslaagd User: Computer Name: NIEUW-SYSTEEM Event Code: 1102 Message: Het controlelogboek is gewist. Onderwerp: Beveiligings-id: S-1-5-21-2295969631-2129697342-2820095298-500 Accountnaam: Administrator Domeinnaam: NIEUW-SYSTEEM Aanmeldings-id: 0x6667b Record Number: 27305 Source Name: Microsoft-Windows-Eventlog Time Written: 20130728193220.915621-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0603 -----------------EOF-----------------