info.txt logfile of random's system information tool 1.10 2014-09-28 14:47:56 ======MBR====== 0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000331A9DD0000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA ======Uninstall list====== clear.fi SDK - Video 2-->"C:\Program Files (x86)\InstallShield Installation Information\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\setup.exe" /z-uninstall clear.fi SDK- Movie 2-->"C:\Program Files (x86)\InstallShield Installation Information\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\setup.exe" /z-uninstall -->"C:\Program Files (x86)\InstallShield Installation Information\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\setup.exe" /z-uninstall -->"C:\Program Files (x86)\InstallShield Installation Information\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\setup.exe" /z-uninstall -->"C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe" -->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} Acer Power Management-->MsiExec.exe /i {91F52DE4-B789-42B0-9311-A349F10E5479} PRODUCTNAME="Acer Power Management" BRANDNAME="Acer" NEWUPGRADE=0 BOOTSTRATOR=1 ISDT=1 Acer Recovery Management-->Msiexec.exe /i {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} ACER=1 PRODUCTNAME="Acer Recovery Management" REMOVEUSEC=1 BOOTSTRATOR=1 ACERPRELOAD=1 Acer Remote-->"C:\Program Files (x86)\Acer Remote\uninstall.exe" "/U:C:\Program Files (x86)\Acer Remote\Uninstall\uninstall.xml" AcerCloud Docs-->C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloudDocsSetup.exe -uninstall AcerCloud Portal-->C:\Program Files (x86)\Acer\Acer Cloud\AcerCloudSetup.exe -uninstall Adobe Reader XI (11.0.09) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} AnyDVD-->"C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files (x86)\SlySoft\AnyDVD" AVG 2014-->"C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall AVG 2014-->MsiExec.exe /I{11FC30D9-3004-4FCA-912B-AF8CB65AED9C} AVG 2014-->MsiExec.exe /I{B42D82E8-FF97-48BB-91AA-86717B2B6B16} Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe" CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe" CdCoverCreator 2.5.3-->C:\Program Files (x86)\CdCoverCreator\uninst.exe clear.fi Media-->C:\Program Files (x86)\Acer\clear.fi Media\clearfiSetup.exe -uninstall clear.fi Photo-->C:\Program Files (x86)\Acer\clear.fi Photo\clearfiSetup.exe -uninstall CloneDVD2-->"C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\CloneDVD2" CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall Delicious: Emily's Childhood Memories Premium Edition-->"C:\Program Files (x86)\WildGames\Delicious Emilys Childhood Memories Premium Edition\uninstall\uninstaller.exe" Free Studio version 2014-->C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe GIMP 2.8.10-->"C:\Program Files\GIMP 2\uninst\unins000.exe" Google+ Auto Backup-->MsiExec.exe /X{A50DE037-B5C0-4C8A-8049-B0C576B313D1} Governor of Poker 2 Premium Edition-->"C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe" Hotkey Utility-->MsiExec.exe /i {A6DC88AD-501A-44BC-884D-57435F972E2C} PRODUCTNAME="Hotkey Utility" BRANDNAME="Acer" HP Deskjet 2050 J510 series Basissoftware van het apparaat-->MsiExec.exe /I{E98E313E-7909-47FA-A6B4-7EFC20C772EE} HP Deskjet 2050 J510 series Haelp-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F} HP Deskjet 2050 J510 series Productverbeteringsonderzoek-->MsiExec.exe /I{29DE6164-B504-4772-9E4E-A14FD4685D04} HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} HPDiagnosticAlert-->MsiExec.exe /I{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D} Identity Card-->MsiExec.exe /X{3D9CB654-99AD-4301-89C6-0D12A790767C} Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm Intel(R) Manageability Engine Firmware Recovery Agent-->MsiExec.exe /X{A6C48A9F-694A-4234-B3AA-62590B668927} Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall Intel(R) Network Connections 18.1.59.0-->MsiExec.exe /i{644B5296-5B22-40EE-B954-9598E2E1427E} ARPREMOVE=1 Intel(R) Network Connections 18.1.59.0-->MsiExec.exe /i{644B5296-5B22-40EE-B954-9598E2E1427E} ARPREMOVE=1 Intel® Trusted Connect Service Client-->MsiExec.exe /I{44B72151-611E-429D-9765-9BA093D7E48A} Jewel Match 3-->"C:\Program Files (x86)\WildGames\Jewel Match 3\uninstall\uninstaller.exe" John Deere Drive Green-->"C:\Program Files (x86)\WildGames\John Deere Drive Green\uninstall\uninstaller.exe" Live Updater-->MsiExec.exe /X{EE26E302-876A-48D9-9058-3129E5B99999} Magic Academy-->"C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe" Malwarebytes Anti-Malware versie 2.0.2.1012-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (Dutch) 2007-->MsiExec.exe /X{90120000-002A-0413-1000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7} Nero BackItUp 12 Essentials OEM.a01-->MsiExec.exe /I{4CA8F973-6377-4ABF-9ED5-CC2323B3C000} Nero BackItUp Help (CHM)-->MsiExec.exe /X{EF0D1292-8FC1-41BE-9740-DBC134F66415} Nero BackItUp-->MsiExec.exe /X{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7} Nero ControlCenter Help (CHM)-->MsiExec.exe /X{C994C746-C6D0-4EBA-B09E-DF7B18381B69} Nero ControlCenter-->MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63} Nero Core Components-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} Nero Launcher-->MsiExec.exe /X{0E4630AF-0AB7-440E-A978-1A78FC4F43B9} Nero RescueAgent Help (CHM)-->MsiExec.exe /X{0B311221-05A5-4766-8D03-7A6446794156} Nero RescueAgent-->MsiExec.exe /X{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8} Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} Norton Online Backup ARA-->C:\Program Files (x86)\NortonInstaller\{311739EB-5C94-4EE1-B911-2D1F005060F4}\NARA\LicenseType\4.1.0.14\InstStub.exe /X /ARP Norton Online Backup-->MsiExec.exe /X{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC} NVIDIA 3D Vision Controller Driver 311.06-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{372ED04B-C2DF-4BE4-9C0E-D0893C83D344}\NVI2.DLL",UninstallPackage Display.NVIRUSB NVIDIA 3D Vision stuurprogramma 327.02-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{7085A9C2-4A3A-4540-B647-243F82D7FE13}\NVI2.DLL",UninstallPackage Display.3DVision NVIDIA Grafisch stuurprogramma 327.02-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{7085A9C2-4A3A-4540-B647-243F82D7FE13}\NVI2.DLL",UninstallPackage Display.Driver NVIDIA HD Audio-stuurprogramma 1.3.26.4-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D321FD8B-7465-4E2F-BDA1-E9C4BF41C41A}\NVI2.DLL",UninstallPackage HDAudio.Driver NVIDIA PhysX System Software 9.12.1031-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{372ED04B-C2DF-4BE4-9C0E-D0893C83D344}\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask Office Addin-->MsiExec.exe /I{6D2BBE1D-E600-4695-BA37-0B0E605542CC} Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe" Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe" Qualcomm Atheros WLAN and Bluetooth Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 Realtek USB Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{1E496A68-4943-424E-829D-5C3C85B7B8F2}\setup.exe" -runfromtemp -removeonly Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054} Snap.Do-->MsiExec.exe /X{D08D2971-64C8-43FA-B251-E0BBBE9E87E3} Speccy-->"C:\Program Files\Speccy\uninst.exe" Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe" Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" VC_CRT_x64-->MsiExec.exe /I{54F2237F-018C-483B-8884-9FC0D88840C3} Visual Studio 2005 Tools for Office Second Edition Runtime-->C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484} Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)-->C:\Windows\SysWOW64\msiexec.exe /package {8FB53850-246A-3507-8ADE-0060093FFEA6} /uninstall {1AF8622B-42B6-472C-A634-487025BD7B38} /qb+ REBOOTPROMPT="" Visual Studio Tools for the Office system 3.0 Runtime-->C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\Visual Studio Tools for the Office system 3.0 Runtime\install.exe Visual Studio Tools for the Office system 3.0 Runtime-->MsiExec.exe /X{8FB53850-246A-3507-8ADE-0060093FFEA6} WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe" WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe" ======System event log====== Computer Name: WIN-AQVR8PSVVAV Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van disabled in auto start. Record Number: 664 Source Name: Service Control Manager Time Written: 20131009161753.808730-000 Event Type: Informatie User: Rita\Administrator Computer Name: WIN-AQVR8PSVVAV Event Code: 7040 Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled. Record Number: 663 Source Name: Service Control Manager Time Written: 20131009161746.667990-000 Event Type: Informatie User: Rita\Administrator Computer Name: WIN-AQVR8PSVVAV Event Code: 104 Message: Logboekbestand Setup is gewist. Record Number: 662 Source Name: Microsoft-Windows-Eventlog Time Written: 20131009161741.777337-000 Event Type: Informatie User: Rita\Administrator Computer Name: WIN-AQVR8PSVVAV Event Code: 104 Message: Logboekbestand Application is gewist. Record Number: 661 Source Name: Microsoft-Windows-Eventlog Time Written: 20131009161741.699210-000 Event Type: Informatie User: Rita\Administrator Computer Name: WIN-AQVR8PSVVAV Event Code: 104 Message: Logboekbestand System is gewist. Record Number: 660 Source Name: Microsoft-Windows-Eventlog Time Written: 20131009161741.652335-000 Event Type: Informatie User: Rita\Administrator =====Application event log===== Computer Name: WIN-AQVR8PSVVAV Event Code: 1013 Message: De Windows Search-service is normaal gestopt. Record Number: 619 Source Name: Microsoft-Windows-Search Time Written: 20131009161800.000000-000 Event Type: Informatie User: Computer Name: WIN-AQVR8PSVVAV Event Code: 6000 Message: De kennisgevingssubscriber van winlogon was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken. Record Number: 618 Source Name: Microsoft-Windows-Winlogon Time Written: 20131009161800.000000-000 Event Type: Informatie User: Computer Name: WIN-AQVR8PSVVAV Event Code: 1003 Message: De Windows Search-service is gestart. Record Number: 617 Source Name: Microsoft-Windows-Search Time Written: 20131009161753.000000-000 Event Type: Informatie User: Computer Name: WIN-AQVR8PSVVAV Event Code: 1013 Message: De Windows Search-service is normaal gestopt. Record Number: 616 Source Name: Microsoft-Windows-Search Time Written: 20131009161752.000000-000 Event Type: Informatie User: Computer Name: WIN-AQVR8PSVVAV Event Code: 103 Message: SearchIndexer (2928) Windows: De database-engine heeft de sessie (0) stopgezet. Dirty Shutdown: 0 Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.031, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.031, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000. Record Number: 615 Source Name: ESENT Time Written: 20131009161752.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: Rita Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: RITA$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\Program Files\Windows Defender\mpuxhostproxy.dll Ingangs-id: 0x24 Procesgegevens: Proces-id: 0xb2b0 Procesnaam: C:\Windows\System32\poqexec.exe Controle-instellingen: Oorspronkelijke security descriptor: S:AI Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 31780 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140315092449.529878-000 Event Type: Controle geslaagd User: Computer Name: Rita Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: RITA$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\Program Files\Windows Defender\MsMpRes.dll Ingangs-id: 0x18 Procesgegevens: Proces-id: 0xb2b0 Procesnaam: C:\Windows\System32\poqexec.exe Controle-instellingen: Oorspronkelijke security descriptor: S:AI Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 31779 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140315092449.529878-000 Event Type: Controle geslaagd User: Computer Name: Rita Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: RITA$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\Program Files\Windows Defender\MpRtp.dll Ingangs-id: 0x18 Procesgegevens: Proces-id: 0xb2b0 Procesnaam: C:\Windows\System32\poqexec.exe Controle-instellingen: Oorspronkelijke security descriptor: S:AI Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 31778 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140315092449.529878-000 Event Type: Controle geslaagd User: Computer Name: Rita Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: RITA$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\Program Files\Windows Defender\NisSrv.exe Ingangs-id: 0x24 Procesgegevens: Proces-id: 0xb2b0 Procesnaam: C:\Windows\System32\poqexec.exe Controle-instellingen: Oorspronkelijke security descriptor: S:AI Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 31777 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140315092449.529878-000 Event Type: Controle geslaagd User: Computer Name: Rita Event Code: 4907 Message: De controle-instellingen voor een object zijn gewijzigd. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: RITA$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3E7 Object: Objectserver: Security Objecttype: File Objectnaam: C:\Program Files\Windows Defender\MsMpLics.dll Ingangs-id: 0x18 Procesgegevens: Proces-id: 0xb2b0 Procesnaam: C:\Windows\System32\poqexec.exe Controle-instellingen: Oorspronkelijke security descriptor: S:AI Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 31776 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20140315092449.514252-000 Event Type: Controle geslaagd User: ======Environment variables====== "FP_NO_HOST_CHECK"=NO "USERNAME"=SYSTEM "ComSpec"=%SystemRoot%\system32\cmd.exe "TMP"=%SystemRoot%\TEMP "OS"=Windows_NT "windir"=%SystemRoot% "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=3c03 "Path"=C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Users\Spike\AppData\Local\Smartbar\Application\ -----------------EOF-----------------