info.txt logfile of random's system information tool 1.10 2016-03-03 15:11:15 ======MBR====== [MBR scan output missing from this copy] ======Uninstall list====== -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Web Link - Habbo Hotel\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Web Link - Seafight\Uninstall.exe" -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Reader 9.3 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} Adobe Shockwave Player 11.5-->MsiExec.exe /X{9ECF7817-DB11-4FBA-9DF1-296A578D513A} Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe" AnySend-->"C:\Users\Xena\AppData\Roaming\ASPackage\Uninstall.exe" Apple Application Support (32-bit)-->MsiExec.exe /I{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F} Apple Application Support (64-bit)-->MsiExec.exe /I{691F30EB-9009-475A-B8A9-E1BF39598FD5} Apple Mobile Device Support-->MsiExec.exe /I{3540181E-340A-4E7A-B409-31663472B2F7} Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} Bejeweled 2 Deluxe-->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" 
Bing Bar Platform-->MsiExec.exe /I{222A544B-E6B7-496F-B4D7-6FE74FF0E616} Bing Bar-->C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL Bonjour-->MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Chuzzle Deluxe-->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE} Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640} CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall CyberLink PowerDVD 9-->"C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall Diner Dash 2 Restaurant Rescue-->"C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe" Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4} ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} FATE-->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging Google Toolbar for Internet 
Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_A6282D74FF5C38C8.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Documentation-->MsiExec.exe /X{C2B13597-D96D-49D2-AFAC-E302003D2D50} HP Game Console-->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe" HP Power Manager-->MsiExec.exe /I{4B156358-CE9C-4E9F-8CAD-79AE86A68C60} HP Quick Launch-->MsiExec.exe /I{E342D296-DB9D-4FC7-ACB0-39926C0BFA16} HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{72D90DB3-A16A-4545-B555-868471101833}\setup.exe" -l0x9 -removeonly HP Software Framework-->MsiExec.exe /X{2A4F4162-D66E-4C50-B685-86B08D37B9CE} HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Wireless Assistant-->MsiExec.exe /X{9E3BC5E1-C394-43F9-AA13-25619E396A9B} HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} Insaniquarium Deluxe-->"C:\Program Files (x86)\HP Games\Insaniquarium Deluxe\Uninstall.exe" Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage 
Technology\Uninstall\setup.exe -uninstall iTunes-->MsiExec.exe /I{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E} Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF} Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Jewel Quest II-->"C:\Program Files (x86)\HP Games\Jewel Quest II\Uninstall.exe" Jewel Quest Solitaire-->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\Uninstall.exe" John Deere Drive Green-->"C:\Program Files (x86)\HP Games\John Deere Drive Green\Uninstall.exe" Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619} LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LightScribe System Software-->MsiExec.exe /X{46BA053F-57B3-4153-BDB6-D37EEC8B12D7} Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{4567EA14-6BCA-3EF9-859B-92CE48B1D704} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Default Manager-->MsiExec.exe /X{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120} Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{5E4B86E5-CD0E-4D3D-BE21-45A30326850A} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe 
/X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Mozilla Firefox 43.0.1 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} Penguins!-->"C:\Program Files (x86)\HP Games\Penguins!\Uninstall.exe" PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall PhotoNow!-->"C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" /z-uninstall Plants vs. Zombies-->"C:\Program Files (x86)\HP Games\Plants vs. 
Zombies\Uninstall.exe" Polar Bowler-->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly REALTEK Wireless LAN Software-->C:\Program Files (x86)\InstallShield Installation Information\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}\Install.exe -uninst -l0x13 Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall RtVOsd-->MsiExec.exe /I{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9} Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2972106)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8BB35EB9-BEE3-3CF2-97DC-DB99972A0F8F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2978125)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7859B202-40C9-3C27-924D-5987A95F2DD0} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB3097994)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A836EEA3-2699-38B2-9B30-076F0177F416} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB3098778)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2BEC14C8-151E-3D46-A2DA-9848A5B06353} 
/parameterfolder Client Slingo Deluxe-->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1043 /parameterfolder ClientLP Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Client Virtual Villagers - The Secret City-->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" Wedding Dash-->"C:\Program Files (x86)\HP Games\Wedding Dash\Uninstall.exe" Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live Call-->MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows 
Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3} Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7} Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91} Windows Live Messenger-->MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A} Windows Live Movie Maker-->MsiExec.exe /X{32061277-9F45-4C3B-8299-D106D5A502ED} Windows Live Photo Gallery-->MsiExec.exe /X{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59} Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D} Windows Live Writer-->MsiExec.exe /X{35CA031C-D3CD-4A28-8D9B-C71466C4F045} Zuma Deluxe-->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" ======Hosts File====== 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ======System event log====== Computer Name: Xena-HP Event Code: 7036 Message: De SeaPort-service heeft nu de status wordt uitgevoerd. Record Number: 2174 Source Name: Service Control Manager Time Written: 20151031150818.982872-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 7036 Message: De SeaPort-service heeft nu de status gestopt. Record Number: 2173 Source Name: Service Control Manager Time Written: 20151031150815.613266-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 7036 Message: De Multimedia Class Scheduler-service heeft nu de status gestopt. Record Number: 2172 Source Name: Service Control Manager Time Written: 20151031150814.864465-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 7036 Message: De Telephony-service heeft nu de status wordt uitgevoerd. Record Number: 2171 Source Name: Service Control Manager Time Written: 20151031150802.930444-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 104 Message: Logboekbestand System is gewist. 
Record Number: 2170 Source Name: Microsoft-Windows-Eventlog Time Written: 20151031150758.266035-000 Event Type: Informatie User: Xena-HP\Xena =====Application event log===== Computer Name: Xena-HP Event Code: 0 Message: Requires:C:\Program Files (x86)\Hewlett-Packard\HP Setup Record Number: 1082 Source Name: HP Total Care Setup Updater Time Written: 20151031150811.000000-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 0 Message: Expanded Env:CORESYSTEMPATH Record Number: 1081 Source Name: HP Total Care Setup Updater Time Written: 20151031150811.000000-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 0 Message: Current:C:\ProgramData\Hewlett-Packard\HP Setup Record Number: 1080 Source Name: HP Total Care Setup Updater Time Written: 20151031150811.000000-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 0 Message: Requires:C:\ProgramData\Hewlett-Packard\HP Setup Record Number: 1079 Source Name: HP Total Care Setup Updater Time Written: 20151031150811.000000-000 Event Type: Informatie User: Computer Name: Xena-HP Event Code: 0 Message: Expanded Env:COREALLUSERPATH Record Number: 1078 Source Name: HP Total Care Setup Updater Time Written: 20151031150811.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: Xena-HP Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 565 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20151031151922.928919-000 Event Type: Controle geslaagd User: Computer Name: Xena-HP Event Code: 4624 Message: Er is een account aangemeld. 
Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-6NDA5HN9TBF$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x238 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. 
Record Number: 564 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20151031151922.928919-000 Event Type: Controle geslaagd User: Computer Name: Xena-HP Event Code: 4905 Message: Er is geprobeerd de registratie van de bron van een beveiligingsgebeurtenis op te heffen. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-6NDA5HN9TBF$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Proces: Proces-id: 0xc28 Procesnaam: C:\Windows\System32\VSSVC.exe Gebeurtenisbron: Bronnaam: VSSAudit Gebeurtenisbron-id: 0x19d12f Record Number: 563 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20151031150803.523245-000 Event Type: Controle geslaagd User: Computer Name: Xena-HP Event Code: 4904 Message: Er is geprobeerd de bron van een beveiligingsgebeurtenis te registreren. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: WIN-6NDA5HN9TBF$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Proces: Proces-id: 0xc28 Procesnaam: C:\Windows\System32\VSSVC.exe Gebeurtenisbron: Bronnaam: VSSAudit Gebeurtenisbron-id: 0x19d12f Record Number: 562 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20151031150803.523245-000 Event Type: Controle geslaagd User: Computer Name: Xena-HP Event Code: 1102 Message: Het controlelogboek is gewist. 
Onderwerp: Beveiligings-id: S-1-5-21-3471289812-1826325329-3906041262-1001 Accountnaam: Xena Domeinnaam: Xena-HP Aanmeldings-id: 0xa8391 Record Number: 561 Source Name: Microsoft-Windows-Eventlog Time Written: 20151031150758.437636-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=170a "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Presario "asl.log"=Destination=file -----------------EOF-----------------