info.txt logfile of random's system information tool 1.10 2016-12-02 18:13:22 ======MBR====== 0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009D4DCA36000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA ======Uninstall list====== Adobe Acrobat DC-->MsiExec.exe /I{AC76BA86-1033-FFFF-7760-0C0F074E4100} Adobe Acrobat Reader DC - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AC0F074E4100} Adobe Flash Player 23 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_Plugin.exe -maintain plugin Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824205020} ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE ANT Drivers Installer x64-->MsiExec.exe /I{67DC8027-2FC4-4A47-989A-F81A7E9D9280} ANT Drivers Installer x64-->MsiExec.exe /I{CAED120A-1F05-4B8F-B76E-A3EA5C328AB8} ANT Drivers Installer x64-->MsiExec.exe /I{ED7ACF31-0C68-42B6-8955-4450BE47E41C} AVG 2016-->MsiExec.exe /I{E6D91868-5C9A-4E48-93CD-4F3603E3042C} AVG Protection-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=av AVG Zen-->MsiExec.exe /I{50B62078-D231-46A3-BA7C-23DCFA0E6101} AVG-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=zen AVG-->MsiExec.exe /I{3D49031D-AEDF-4FC2-816F-CCE428CFA58A} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Common Desktop Agent-->MsiExec.exe /X{031A0E14-0413-4C97-9772-2639B782F46F} Dropbox Update Helper-->MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} Dropbox-->"C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE Elevated Installer-->MsiExec.exe /I{A53F1B50-A664-4D28-92FE-DD5F507F34BC} FMW 1-->MsiExec.exe /I{2B084330-F170-4A2D-8642-EFD173315566} Garmin Express-->"C:\ProgramData\Package Cache\{54b8854c-ad14-42fe-9dfb-bffd1a23fcf6}\GarminExpressInstaller.exe" /uninstall Garmin Express-->"C:\ProgramData\Package Cache\{686d881a-083e-4030-80db-52c493bf89d3}\GarminExpressInstaller.exe" /uninstall Garmin Express-->"C:\ProgramData\Package Cache\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}\GarminExpressInstaller.exe" /uninstall Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Malwarebytes Anti-Malware versie 2.2.1.1043-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B} OpenOffice 4.1.2-->MsiExec.exe /I{41E7B095-1618-49CF-972F-72B5D5235423} Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 Samsung Easy Document Creator-->"C:\Program Files (x86)\Samsung\Easy Document Creator\uninstall.exe" Samsung Easy Printer Manager-->C:\Program Files (x86)\Samsung\Easy Printer Manager\uninst.exe /app_ipn:"C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe" /oem:Samsung /oem_ac:EPM /oem_aims:no Samsung Printerdiagnose-->"C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\setup.exe" /R Samsung Scan Process Machine-->C:\Program Files (x86)\Common Files\Scan Process Machine\uninstall.exe Samsung SCX-3400 Series-->"C:\Program Files (x86)\Samsung\Samsung SCX-3400 Series\Setup\Setup.exe" /R SNS Upload for Easy Document Creator-->MsiExec.exe /I{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC} Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\ant_libusb.inf_amd64_54173307afc55815\ant_libusb.inf Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\usb_ant_siusbxp_3_1.inf_amd64_a786cf555bc1afd4\usb_ant_siusbxp_3_1.inf Toolwiz Time Freeze 2016-->C:\Program Files\Toolwiz Time Freeze 2016\UninstallToolwizTimeFreeze.exe /REMOVE Unchecky v0.4.3-->"C:\Program Files (x86)\Unchecky\Uninstall.exe" Viber-->MsiExec.exe /I{B0EA596A-BA3B-4708-9F8A-29063B572292} Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484} Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} Watchtower Library 2013 - Nederlands-->C:\Program Files (x86)\Watchtower\Watchtower Library 2013\O\uninst.exe WinZip 21.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B} ======Hosts File====== 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net ======System event log====== Computer Name: pc Event Code: 32 Message: Bootmgr heeft 0 ms gewacht op gebruikersinvoer. Record Number: 5 Source Name: Microsoft-Windows-Kernel-Boot Time Written: 20160320123748.615901-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: pc Event Code: 26 Message: Er is een eenmalige opstartvolgorde gebruikt tijdens deze opstartactie. Record Number: 4 Source Name: Microsoft-Windows-Kernel-Boot Time Written: 20160320123748.615864-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: pc Event Code: 6005 Message: De Event Log-service is gestart. Record Number: 3 Source Name: EventLog Time Written: 20160320123914.084929-000 Event Type: Informatie User: Computer Name: pc Event Code: 6009 Message: Microsoft (R) Windows (R) 10.00. 10586 Multiprocessor Free. Record Number: 2 Source Name: EventLog Time Written: 20160320123914.084929-000 Event Type: Informatie User: Computer Name: pc Event Code: 12 Message: Het besturingssysteem is gestart op systeemtijd ‎2016‎-‎03‎-‎20T12:37:48.495372200Z. Record Number: 1 Source Name: Microsoft-Windows-Kernel-General Time Written: 20160320123748.615756-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: pc Event Code: 6003 Message: De kennisgevingssubscriber van winlogon is niet beschikbaar om een essentiële kennisgevingsgebeurtenis te verwerken. Record Number: 4134 Source Name: Microsoft-Windows-Winlogon Time Written: 20160526134151.553338-000 Event Type: Informatie User: Computer Name: pc Event Code: 1530 Message: Uw registerbestand is nog steeds in gebruik door andere toepassingen of services. Het bestand wordt nu verwijderd. De toepassingen en services die het registerbestand nu gebruiken, werken vervolgens mogelijk niet meer goed. De gebruiker hoeft verder niets te doen. DETAIL - 15 user registry handles leaked from \Registry\User\S-1-5-21-2871391618-1465616402-3070090435-1001_Classes: Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\SystemCertificates\Root Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Software\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\SystemCertificates\trust Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Software\Microsoft\SystemCertificates\TrustedPeople Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\SystemCertificates\Disallowed Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Software\Microsoft\SystemCertificates\trust Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Software\Microsoft\SystemCertificates\Root Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Software\Microsoft\SystemCertificates\TrustedPeople Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001_CLASSES\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Software\Microsoft\SystemCertificates\Disallowed Record Number: 4133 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20160526131915.906046-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: pc Event Code: 1530 Message: Uw registerbestand is nog steeds in gebruik door andere toepassingen of services. Het bestand wordt nu verwijderd. De toepassingen en services die het registerbestand nu gebruiken, werken vervolgens mogelijk niet meer goed. De gebruiker hoeft verder niets te doen. DETAIL - 24 user registry handles leaked from \Registry\User\S-1-5-21-2871391618-1465616402-3070090435-1001: Process 1168 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001 Process 1168 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\trust Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\trust Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\trust Process 924 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\System\GameConfigStore\Children Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Root Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Root Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Root Process 924 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\System\GameConfigStore\Parents Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Disallowed Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Disallowed Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\Disallowed Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\TrustedPeople Process 348 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\CA Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot Process 1612 (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Microsoft\SystemCertificates\SmartCardRoot Process 924 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2871391618-1465616402-3070090435-1001\System\GameConfigStore Record Number: 4132 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20160526131915.725313-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: pc Event Code: 6000 Message: De kennisgevingssubscriber van winlogon was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken. Record Number: 4131 Source Name: Microsoft-Windows-Winlogon Time Written: 20160526131914.716177-000 Event Type: Informatie User: Computer Name: pc Event Code: 1001 Message: Foutbucket 133323737785, type 5 Naam van gebeurtenis: MoBEX Antwoord: Niet beschikbaar Id van CAB-bestand: 0 Handtekening van probleem: P1: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe P2: praid:MicrosoftEdge P3: 11.0.10586.20 P4: 56540c35 P5: EMODEL.dll P6: 11.0.10586.306 P7: 571af463 P8: 0000000000129b5f P9: c0000409 P10: 0000000000000007 Toegevoegde bestanden: C:\Users\computer\AppData\Local\Temp\WERC359.tmp.WERInternalMetadata.xml Deze bestanden zijn mogelijk hier beschikbaar: C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_634e96a4d6e0bfe858c9f4e3b53c35a286367_0210d7ec_0546c964 Analysesymbool: Opnieuw zoeken naar oplossing: 0 Rapport-id: 43c41d9b-f3f5-479a-b8ec-d9673d3616f2 Rapportstatus: 0 Opgedeelde bucket: bda5cb526dff72de0f4bbc4deaad21c5 Record Number: 4130 Source Name: Windows Error Reporting Time Written: 20160526131903.085045-000 Event Type: Informatie User: =====Security event log===== Computer Name: pc Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\winsxs\amd64_microsoft-windows-scripting-jscript9_31bf3856ad364e35_11.0.14393.0_none_a58f73033f3df8f4\jscript9.dll Ingangs-id: 0x5e8 Procesgegevens: Proces-id: 0x1b50 Procesnaam: C:\$WINDOWS.~BT\Sources\SetupHost.exe Controle-instellingen: Oorspronkelijke security descriptor: Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 63475 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20161001073322.358616-000 Event Type: Controle geslaagd User: Computer Name: pc Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\winsxs\amd64_microsoft-windows-blb-engine-main_31bf3856ad364e35_10.0.14393.0_none_1156617316728d40\wbengine.exe Ingangs-id: 0x12c8 Procesgegevens: Proces-id: 0x1b50 Procesnaam: C:\$WINDOWS.~BT\Sources\SetupHost.exe Controle-instellingen: Oorspronkelijke security descriptor: Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 63474 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20161001073322.345631-000 Event Type: Controle geslaagd User: Computer Name: pc Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_10.0.14393.0_none_75dcbe91170c95e2\wscript.exe Ingangs-id: 0xa38 Procesgegevens: Proces-id: 0x1b50 Procesnaam: C:\$WINDOWS.~BT\Sources\SetupHost.exe Controle-instellingen: Oorspronkelijke security descriptor: Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 63473 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20161001073322.342105-000 Event Type: Controle geslaagd User: Computer Name: pc Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\winsxs\amd64_microsoft-windows-w..adapter-wmitomi-dll_31bf3856ad364e35_10.0.14393.0_none_a8c0ac23cdcb17c0\wmitomi.dll Ingangs-id: 0xd64 Procesgegevens: Proces-id: 0x1b50 Procesnaam: C:\$WINDOWS.~BT\Sources\SetupHost.exe Controle-instellingen: Oorspronkelijke security descriptor: Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 63472 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20161001073322.337771-000 Event Type: Controle geslaagd User: Computer Name: pc Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\windows\winsxs\amd64_microsoft-windows-scripting_31bf3856ad364e35_10.0.14393.0_none_75dcbe91170c95e2\wshom.ocx Ingangs-id: 0x1218 Procesgegevens: Proces-id: 0x1b50 Procesnaam: C:\$WINDOWS.~BT\Sources\SetupHost.exe Controle-instellingen: Oorspronkelijke security descriptor: Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 63471 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20161001073322.332745-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 -----------------EOF-----------------