info.txt logfile of random's system information tool 1.10 2014-07-08 15:29:11 ======MBR====== 0x33C08ED0BC007CFB8EC08ED88BF4BF0006B90002FCF3A4EA6006000000000000504F5745525245434F5645523F0000005052455353203C4631313E20544F2052554E205245434F564552592E2E2E0D0A0000000057000000FFFFFFFFFFFFFFFF864CBDBE3006ACB40E33DBCD100AC075F5E30BFE0613065353E89800EB360E68740766586687472466A3AE078B166C04FA66A11C06BF5406B103F266AFFB740AA16C042BC23D5A0076E666A1AE07668947247547BBC27D803F12744F80C31073F680EB10803F0F7528668B7704668BD6B3C2606652E83C0061721666015704803F127427668B57146603D6807F100574E180FBC277CBBB2806EB10BBC27D807FFC00780780C31073F5EBFE66FF7704E80200FFE4C8100000B408B280CD138AC1243FFEC68AD8F6E6C0E90686CD4191F7E13956068B56068B4604731CF7F19192F6F386CDC0E10602CC418AF0B80102BB007C86261306EB1483C4100E0E52500E68007C6A016A108BF4B80042B280CD13C9C204001E50530E1FBB1B06A01704240F884704E4603CE0741A3C1D74103C2A740C3C3674083C38740484C0790666832700EB06FE07021F88075B581FEA000000000000000000000D4DD40800008020210007DF130C000800000020030000DF140C07FEFFFF00280300004845A800FEFFFF07FEFFFF007048A80000400600FEFFFF12FEFFFF007088AE3003200055AA ======Uninstall list====== 15354 Webcam Live-->C:\Program Files (x86)\InstallShield Installation Information\{3AC11667-B4DD-4984-AD0B-B2D4E40AB573}\setup.exe -runfromtemp -l0x0013 -removeonly 64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B} Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin Adobe Flash Player 14 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_125_ActiveX.exe -maintain activex Adobe Reader XI (11.0.07) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} AMD AVIVO64 Codecs-->MsiExec.exe /X{CE4F2C90-62B4-8820-96A1-B23B1B3050CE} AMD Catalyst Install Manager-->msiexec /q/x{2F949F9F-EBD4-8597-5CF0-6370C0161CC9} REBOOT=ReallySuppress AMD Drag and Drop Transcoding-->MsiExec.exe /X{E8384463-151C-473F-3A8D-54F3B11892B9} AMD Media Foundation Decoders-->MsiExec.exe /X{5AF106BC-B27B-D0EC-28CF-7A7F20B20288} Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} AVG 2014-->"C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall AVG 2014-->MsiExec.exe /I{2EA43D50-131A-44DE-A678-47F6D572AB30} AVG 2014-->MsiExec.exe /I{4B1977BE-7B68-458C-9638-03672C1A15A9} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Control ActiveX de Windows Live Mesh para conexiones remotas-->MsiExec.exe /I{04668DF2-D32F-4555-9C7E-35523DCD6544} Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3} Controlo ActiveX do Windows Live Mesh para Ligações Remotas-->MsiExec.exe /I{E54EEB5D-41ED-40FE-B4A8-8565DB81469B} CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall CyberLink PowerDVD Copy-->"C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerDVD Copy-->"C:\Program Files (x86)\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe" /z-uninstall CyberLink PowerRecover-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall CyberLink PowerRecover-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall CyberLink WaveEditor-->"C:\Program Files (x86)\InstallShield Installation Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe" /z-uninstall CyberLink WaveEditor-->"C:\Program Files (x86)\InstallShield Installation Information\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\Setup.exe" /z-uninstall D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7} Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9} Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4} Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66} Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431} Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710} GIMP 2.6.11-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HP Customer Participation Program 13.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot HP Imaging Device Functions 13.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6-->C:\Program Files (x86)\HP\Digital Imaging\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}\setup\hpzscr40.exe -datfile hposcr43.dat -onestop -forcereboot HP Print Projects 1.0-->C:\Program Files (x86)\HP\Digital Imaging\HPPrintProjects\hpzscr01.exe -datfile hpqbud19.dat HP Smart Web Printing 4.5-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat HP Solution Center 13.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4} HPDiagnosticAlert-->MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE} Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall Intel® Trusted Connect Service Client-->MsiExec.exe /I{538B98C3-773F-4F20-9C66-802D104DCBE2} Java 7 Update 10 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417010FF} Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} K-Lite Codec Pack 9.7.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454} Medion Home Cinema-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall Medion Home Cinema-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall Memeo Instant Backup-->C:\Program Files (x86)\Memeo\AutoBackup\uninstall.exe Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft_VC100_CRT_SP1_x64-->MsiExec.exe /I{680EDA59-9266-44B4-949E-0C24F65DFF82} Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688} Mozilla Firefox 30.0 (x86 nl)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mozilla Thunderbird 24.6.0 (x86 nl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E} MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B} MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D} MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MyTomTom 3.2.0.1116-->C:\Program Files (x86)\MyTomTom 3\Uninstall MyTomTom3.exe Nokia Connectivity Cable Driver-->MsiExec.exe /I{29373274-977E-413C-A4DE-DC0F8E80C429} Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}\Installer.exe Nokia Suite-->MsiExec.exe /X{EDB188F5-D8E8-42EE-89E0-F212DA48CB81} OpenOffice 4.1.0-->MsiExec.exe /I{E8A54536-FC41-45AB-9E24-114A0127118C} PC Connectivity Solution-->MsiExec.exe /I{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B} PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1} Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383} Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE} Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D} Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D} Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A} Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126} Settings Manager-->C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe /browser=all Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Skype™ 6.3-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} Spelling Dictionaries Support For Adobe Reader X-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-A00000000004} Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi-->MsiExec.exe /I{241E7104-937A-4366-AD57-8FDDDB003939} VDownloader 3.9.1360-->"C:\Program Files\VDownloader\unins000.exe" Visual Studio 2010 x64 Redistributables-->MsiExec.exe /I{21B133D6-5979-47F0-BE1C-F6A6B304693F} Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484} Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} Visual Studio C++ 10.0 Runtime-->MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18} Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073} Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80} Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84} Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07} Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E} Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6} Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76} Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302} Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6} Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721} Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Language Selector-->MsiExec.exe /I{180C8888-50F1-426B-A9DC-AB83A1989C65} Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11} Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07} Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E} Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437} Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C} Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F} Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16} Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923} Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA} Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C} Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441} Windows Live Mesh ActiveX control for remote connections-->MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94} Windows Live Mesh ActiveX-objekt til fjernforbindelser-->MsiExec.exe /I{57220148-3B2B-412A-A2E0-82B9DF423696} Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15} Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4} Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886} Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978} Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862} Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B} Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A} Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A} Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678} Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649} Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5} Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7} Windows Live Messenger-->MsiExec.exe /X{062E4D94-8306-46D5-81B6-45E6AD09C799} Windows Live Messenger-->MsiExec.exe /X{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE} Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24} Windows Live Messenger-->MsiExec.exe /X{2F54E453-8C93-4B3B-936A-233C909E6CAC} Windows Live Messenger-->MsiExec.exe /X{443B561F-DE1B-4DEF-ADD9-484B684653C7} Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27} Windows Live Messenger-->MsiExec.exe /X{4B744C85-DBB1-4038-B989-4721EB22C582} Windows Live Messenger-->MsiExec.exe /X{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305} Windows Live Messenger-->MsiExec.exe /X{8FF3891F-01B5-4A71-BFCD-20761890471C} Windows Live Messenger-->MsiExec.exe /X{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB} Windows Live Messenger-->MsiExec.exe /X{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} Windows Live Messenger-->MsiExec.exe /X{B2E90616-C50D-4B89-A40D-92377AC669E5} Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11} Windows Live Messenger-->MsiExec.exe /X{E9AD2143-26D5-4201-BED1-19DCC03B407D} Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE} Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847} Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E} Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3} Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071} Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B} Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83} Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76} Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598} Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81} Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB} Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49} Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D} Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C} Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120} Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0} Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live Remote Client Resources-->MsiExec.exe /I{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98} Windows Live Remote Client Resources-->MsiExec.exe /I{2F304EF4-0C31-47F4-8557-0641AAE4197C} Windows Live Remote Client Resources-->MsiExec.exe /I{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F} Windows Live Remote Client Resources-->MsiExec.exe /I{692CCE55-9EAE-4F57-A834-092882E7FE0B} Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5} Windows Live Remote Client Resources-->MsiExec.exe /I{850B8072-2EA7-4EDC-B930-7FE569495E76} Windows Live Remote Client Resources-->MsiExec.exe /I{8970AE69-40BE-4058-9916-0ACB1B974A3D} Windows Live Remote Client Resources-->MsiExec.exe /I{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116} Windows Live Remote Client Resources-->MsiExec.exe /I{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F} Windows Live Remote Client Resources-->MsiExec.exe /I{C9F05151-95A9-4B9B-B534-1760E2D014A5} Windows Live Remote Client Resources-->MsiExec.exe /I{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66} Windows Live Remote Client Resources-->MsiExec.exe /I{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820} Windows Live Remote Client Resources-->MsiExec.exe /I{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F} Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B} Windows Live Remote Service Resources-->MsiExec.exe /I{19F09425-3C20-4730-9E2A-FC2E17C9F362} Windows Live Remote Service Resources-->MsiExec.exe /I{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67} Windows Live Remote Service Resources-->MsiExec.exe /I{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF} Windows Live Remote Service Resources-->MsiExec.exe /I{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7} Windows Live Remote Service Resources-->MsiExec.exe /I{5E2CD4FB-4538-4831-8176-05D653C3E6D4} Windows Live Remote Service Resources-->MsiExec.exe /I{5FEAD3E5-A158-4B66-B92B-0C959D7CF838} Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760} Windows Live Remote Service Resources-->MsiExec.exe /I{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF} Windows Live Remote Service Resources-->MsiExec.exe /I{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55} Windows Live Remote Service Resources-->MsiExec.exe /I{A679FBE4-BA2D-4514-8834-030982C8B31A} Windows Live Remote Service Resources-->MsiExec.exe /I{D3E4F422-7E0F-49C7-8B00-F42490D7A385} Windows Live Remote Service Resources-->MsiExec.exe /I{D930AF5C-5193-4616-887D-B974CEFC4970} Windows Live Remote Service Resources-->MsiExec.exe /I{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F} Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094} Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF} Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93} Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734} Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3} Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6} Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA} Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425} Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69} Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8} Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668} Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6} Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16} Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8} Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244} Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194} Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9} Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1} Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59} Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467} Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040} Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC} Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97} Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F} Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593} Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE} Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F} Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78} Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F} Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E} Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501} Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80} Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350} Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_95B9C4C4739674B910F22E6D0FB93B9D8DD7E72A\pccsmcfdx64.inf WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe" Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις-->MsiExec.exe /I{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F} Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1} ======System event log====== Computer Name: Vanherle-PC Event Code: 206 Message: De Program Compatibility Assistant-service heeft fase 2 geïnitialiseerd. Record Number: 316001 Source Name: Microsoft-Windows-Application-Experience Time Written: 20140504011501.039020-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM Computer Name: Vanherle-PC Event Code: 7036 Message: De Problem Reports and Solutions Control Panel Support-service heeft nu de status gestopt. Record Number: 316000 Source Name: Service Control Manager Time Written: 20140504010819.880085-000 Event Type: Informatie User: Computer Name: Vanherle-PC Event Code: 7036 Message: De Problem Reports and Solutions Control Panel Support-service heeft nu de status wordt uitgevoerd. Record Number: 315999 Source Name: Service Control Manager Time Written: 20140504010816.090079-000 Event Type: Informatie User: Computer Name: Vanherle-PC Event Code: 7036 Message: De Application Experience-service heeft nu de status gestopt. Record Number: 315998 Source Name: Service Control Manager Time Written: 20140504010535.434851-000 Event Type: Informatie User: Computer Name: Vanherle-PC Event Code: 1013 Message: Record Number: 315997 Source Name: Microsoft Antimalware Time Written: 20140504010520.000000-000 Event Type: Informatie User: =====Application event log===== Computer Name: Vanherle-PC Event Code: 100 Message: Alleen informatie. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation... Record Number: 85320 Source Name: CVHSVC Time Written: 20140326113652.000000-000 Event Type: Waarschuwing User: Computer Name: Vanherle-PC Event Code: 100 Message: Alleen informatie. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted. Record Number: 85319 Source Name: CVHSVC Time Written: 20140326113652.000000-000 Event Type: Waarschuwing User: Computer Name: Vanherle-PC Event Code: 903 Message: De Software Protection-service is gestopt. Record Number: 85318 Source Name: Microsoft-Windows-Security-SPP Time Written: 20140326113439.000000-000 Event Type: Informatie User: Computer Name: Vanherle-PC Event Code: 0 Message: Record Number: 85317 Source Name: gupdate Time Written: 20140326113435.000000-000 Event Type: Informatie User: Computer Name: Vanherle-PC Event Code: 10001 Message: Session 0 beëindigen die is gestart om ‎2014‎-‎03‎-‎26T11:34:01.298267700Z. Record Number: 85316 Source Name: Microsoft-Windows-RestartManager Time Written: 20140326113403.856672-000 Event Type: Informatie User: NT AUTHORITY\SYSTEM =====Security event log===== Computer Name: Vanherle-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: VANHERLE-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x294 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 52446 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140125224834.344833-000 Event Type: Controle geslaagd User: Computer Name: Vanherle-PC Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-21-219209752-1814971668-716802256-1000 Accountnaam: Vanherle Accountdomein: Vanherle-PC Aanmeldings-id: 0x1c3cc Bevoegdheden: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 52445 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140125224832.753630-000 Event Type: Controle geslaagd User: Computer Name: Vanherle-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: VANHERLE-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 2 Nieuwe aanmelding: Beveiligings-id: S-1-5-21-219209752-1814971668-716802256-1000 Accountnaam: Vanherle Accountdomein: Vanherle-PC Aanmeldings-id: 0x1c423 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x358 Naam proces: C:\Windows\System32\winlogon.exe Netwerkgegevens: Naam van werkstation: VANHERLE-PC Netwerkadres van bron: 127.0.0.1 Poort van bron: 0 Gedetailleerde verificatiegegevens: Aanmeldingsproces: User32 Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 52444 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140125224832.753630-000 Event Type: Controle geslaagd User: Computer Name: Vanherle-PC Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: VANHERLE-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 2 Nieuwe aanmelding: Beveiligings-id: S-1-5-21-219209752-1814971668-716802256-1000 Accountnaam: Vanherle Accountdomein: Vanherle-PC Aanmeldings-id: 0x1c3cc Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x358 Naam proces: C:\Windows\System32\winlogon.exe Netwerkgegevens: Naam van werkstation: VANHERLE-PC Netwerkadres van bron: 127.0.0.1 Poort van bron: 0 Gedetailleerde verificatiegegevens: Aanmeldingsproces: User32 Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 52443 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140125224832.753630-000 Event Type: Controle geslaagd User: Computer Name: Vanherle-PC Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: VANHERLE-PC$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: Vanherle Accountdomein: Vanherle-PC Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x358 Procesnaam: C:\Windows\System32\winlogon.exe Netwerkgegevens: Netwerkadres: 127.0.0.1 Poort: 0 Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 52442 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140125224832.753630-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\VDownloader "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=3a09 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "windows_tracing_flags"=3 "AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\ -----------------EOF-----------------