*************************************************************
********************** Computer Info ************************
*************************************************************
Logged in user: GamingPC\Owner
Computer Model: 132-YW-E178-FTW
Computer Manufacturer: EVGA__
OS Name: Microsoft® Windows Vista™ Home Premium |C:\Windows|\Device\Harddisk0\Partition1
OS Version: 6.0.6002
System Type: x64-based PC
Total Physical Memory: 4094 MB
Windows Directory: C:\Windows
BIOS Version: Phoenix - AwardBIOS v6.00PG
CPU: Intel(R) Core(TM)2 Extreme CPU X9650 @ 3.00GHz
Video Card: NVIDIA GeForce 9600 GT
Resolution: 1600 x 1200 x 4294967296 colors
*************************************************************
*********************** UAC Status **************************
*************************************************************
UAC is currently enabled
*************************************************************
***************** Installed Applications ********************
*************************************************************
Folding@home-gpu - Location:
Windows Media Player Firefox Plugin - Location:
Microsoft WSE 3.0 Runtime - Location: C:\Program Files (x86)\Microsoft WSE\v3.0\
Microsoft Office Access MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Shared Setup Metadata MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Excel MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Access Setup Metadata MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office PowerPoint MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Publisher MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Outlook MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Office 64-bit Components 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Shared 64-bit MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Word MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Proofing (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Shared MUI (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Proof (English) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Proof (Spanish) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Proof (French) 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Office Professional 2007 - Location: C:\Program Files (x86)\Microsoft Office\
Microsoft Application Error Reporting - Location:
Microsoft Office Live Add-in 1.3 - Location:
Windows Live Sync - Location:
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - Location:
NVIDIA PhysX - Location: C:\Windows\TEMP\
Apple Application Support - Location:
Microsoft Money Shared Libraries - Location:
Adobe AIR - Location: C:\Program Files (x86)\Common Files\Adobe AIR\
Microsoft .NET Framework 3.5 SP1 - Location:
Sid Meier's Railroads! - Location: J:\Games\Sid Meier's Railroads!\
Apple Mobile Device Support - Location: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\
Windows Live Essentials - Location:
Acrobat.com - Location: C:\Program Files (x86)\Adobe\Acrobat.com
Java(TM) 6 Update 15 - Location: C:\Program Files (x86)\Java\jre6\
Adobe Reader 9.1.3 - Location:
Windows Live Sign-in Assistant - Location:
MSVCRT - Location:
Choice Guard - Location:
TweetDeck - Location: C:\Program Files (x86)\TweetDeck
Google Update Helper - Location:
Kaspersky Internet Security 2010 - Location: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\
Skype™ 4.0 - Location: C:\Program Files (x86)\Skype\
Microsoft Visual C++ 2005 Redistributable - Location:
iTunes - Location: C:\Program Files (x86)\iTunes\
BOINC - Location: J:\Program Files (x86)\BOINC\
- Location:
PVSonyDll - Location: C:\Windows\SysWOW64\
Microsoft Silverlight - Location: C:\Program Files (x86)\Microsoft Silverlight\
Windows Live Upload Tool - Location:
Microsoft .NET Framework 1.1 - Location:
Windows Live Communications Platform - Location:
QuickTime - Location: C:\Program Files (x86)\QuickTime\
Bonjour - Location: C:\Program Files (x86)\Bonjour\
Apple Software Update - Location: C:\Program Files (x86)\Apple Software Update\
Microsoft Visual C++ 2005 Redistributable - Location:
*************************************************************
************************* Services **************************
*************************************************************
------------------------------------------
Name: Application Experience
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Application Layer Gateway Service
Path: C:\Windows\System32\alg.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Application Information
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Running
------------------------------------------
Name: Apple Mobile Device
Path: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
StartMode: Auto
State: Running
------------------------------------------
Name: ASP.NET State Service
Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Audio Endpoint Builder
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Audio
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Kaspersky Internet Security
Path: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" -r
StartMode: Auto
State: Running
------------------------------------------
Name: Base Filtering Engine
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
StartMode: Auto
State: Running
------------------------------------------
Name: Background Intelligent Transfer Service
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Bonjour Service
Path: "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
StartMode: Auto
State: Running
------------------------------------------
Name: Computer Browser
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Certificate Propagation
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Microsoft .NET Framework NGEN v2.0.50727_X86
Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Microsoft .NET Framework NGEN v2.0.50727_X64
Path: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: COM+ System Application
Path: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
StartMode: Manual
State: Stopped
------------------------------------------
Name: Cryptographic Services
Path: C:\Windows\system32\svchost.exe -k NetworkService
StartMode: Auto
State: Running
------------------------------------------
Name: DCOM Server Process Launcher
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
StartMode: Auto
State: Running
------------------------------------------
Name: DFS Replication
Path: C:\Windows\system32\DFSR.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: DHCP Client
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: DNS Client
Path: C:\Windows\system32\svchost.exe -k NetworkService
StartMode: Auto
State: Running
------------------------------------------
Name: Wired AutoConfig
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: Diagnostic Policy Service
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
StartMode: Auto
State: Running
------------------------------------------
Name: Extensible Authentication Protocol
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Manual
State: Running
------------------------------------------
Name: Windows Media Center Receiver Service
Path: C:\Windows\ehome\ehRecvr.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Media Center Scheduler Service
Path: C:\Windows\ehome\ehsched.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Media Center Service Launcher
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
StartMode: Auto
State: Stopped
------------------------------------------
Name: ReadyBoost
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Event Log
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: COM+ Event System
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Function Discovery Provider Host
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Running
------------------------------------------
Name: Function Discovery Resource Publication
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Presentation Foundation Font Cache 3.0.0.0
Path: C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Group Policy Client
Path: C:\Windows\system32\svchost.exe -k GPSvcGroup
StartMode: Auto
State: Running
------------------------------------------
Name: Google Update Service (gupdate1c9c45b37c6074a)
Path: "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
StartMode: Auto
State: Stopped
------------------------------------------
Name: Human Interface Device Access
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Health Key and Certificate Management
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows CardSpace
Path: "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
StartMode: Manual
State: Stopped
------------------------------------------
Name: IKE and AuthIP IPsec Keying Modules
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: PnP-X IP Bus Enumerator
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: IP Helper
Path: C:\Windows\System32\svchost.exe -k NetSvcs
StartMode: Auto
State: Running
------------------------------------------
Name: iPod Service
Path: "C:\Program Files (x86)\iPod\bin\iPodService.exe"
StartMode: Manual
State: Running
------------------------------------------
Name: CNG Key Isolation
Path: C:\Windows\system32\lsass.exe
StartMode: Manual
State: Running
------------------------------------------
Name: KtmRm for Distributed Transaction Coordinator
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Auto
State: Running
------------------------------------------
Name: Server
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Workstation
Path: C:\Windows\System32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Link-Layer Topology Discovery Mapper
Path: C:\Windows\System32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: TCP/IP NetBIOS Helper
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Media Center Extender Service
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Disabled
State: Stopped
------------------------------------------
Name: Multimedia Class Scheduler
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Firewall
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
StartMode: Auto
State: Running
------------------------------------------
Name: Distributed Transaction Coordinator
Path: C:\Windows\System32\msdtc.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Microsoft iSCSI Initiator Service
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Installer
Path: C:\Windows\system32\msiexec /V
StartMode: Manual
State: Running
------------------------------------------
Name: Network Access Protection Agent
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Netlogon
Path: C:\Windows\system32\lsass.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Network Connections
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Manual
State: Running
------------------------------------------
Name: Network List Service
Path: C:\Windows\System32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Net.Tcp Port Sharing Service
Path: "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
StartMode: Disabled
State: Stopped
------------------------------------------
Name: Network Location Awareness
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Auto
State: Running
------------------------------------------
Name: Network Store Interface Service
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: NVIDIA Display Driver Service
Path: C:\Windows\system32\nvvsvc.exe
StartMode: Auto
State: Running
------------------------------------------
Name: Microsoft Office Diagnostics Service
Path: "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
StartMode: Manual
State: Stopped
------------------------------------------
Name: Office Source Engine
Path: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
StartMode: Manual
State: Stopped
------------------------------------------
Name: Peer Networking Identity Manager
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: Peer Networking Grouping
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: Program Compatibility Assistant Service
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Performance Counter DLL Host
Path: C:\Windows\SysWow64\perfhost.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Performance Logs & Alerts
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
StartMode: Manual
State: Stopped
------------------------------------------
Name: Plug and Play
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
StartMode: Auto
State: Running
------------------------------------------
Name: PNRP Machine Name Publication Service
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: Peer Name Resolution Protocol
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: IPsec Policy Agent
Path: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: User Profile Service
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Protected Storage
Path: C:\Windows\system32\lsass.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Quality Windows Audio Video Experience
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Remote Access Auto Connection Manager
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Remote Access Connection Manager
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Running
------------------------------------------
Name: Routing and Remote Access
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Disabled
State: Stopped
------------------------------------------
Name: Remote Registry
Path: C:\Windows\system32\svchost.exe -k regsvc
StartMode: Manual
State: Stopped
------------------------------------------
Name: Remote Procedure Call (RPC) Locator
Path: C:\Windows\system32\locator.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Remote Procedure Call (RPC)
Path: C:\Windows\system32\svchost.exe -k rpcss
StartMode: Auto
State: Running
------------------------------------------
Name: Security Accounts Manager
Path: C:\Windows\system32\lsass.exe
StartMode: Auto
State: Running
------------------------------------------
Name: Smart Card
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Task Scheduler
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Smart Card Removal Policy
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Backup
Path: C:\Windows\system32\svchost.exe -k SDRSVC
StartMode: Manual
State: Stopped
------------------------------------------
Name: Secondary Logon
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: System Event Notification Service
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Terminal Services Configuration
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Internet Connection Sharing (ICS)
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Disabled
State: Stopped
------------------------------------------
Name: Shell Hardware Detection
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Software Licensing
Path: C:\Windows\system32\SLsvc.exe
StartMode: Auto
State: Running
------------------------------------------
Name: SL UI Notification Service
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: SNMP Trap
Path: C:\Windows\System32\snmptrap.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Print Spooler
Path: C:\Windows\System32\spoolsv.exe
StartMode: Auto
State: Running
------------------------------------------
Name: SSDP Discovery
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Running
------------------------------------------
Name: Secure Socket Tunneling Protocol Service
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Running
------------------------------------------
Name: Windows Image Acquisition (WIA)
Path: C:\Windows\system32\svchost.exe -k imgsvc
StartMode: Auto
State: Running
------------------------------------------
Name: Microsoft Software Shadow Copy Provider
Path: C:\Windows\System32\svchost.exe -k swprv
StartMode: Manual
State: Stopped
------------------------------------------
Name: Superfetch
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Tablet PC Input Service
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Telephony
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Manual
State: Running
------------------------------------------
Name: TPM Base Services
Path: C:\Windows\System32\svchost.exe -k LocalService
StartMode: Auto
State: Stopped
------------------------------------------
Name: Terminal Services
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Auto
State: Running
------------------------------------------
Name: Themes
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Thread Ordering Server
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Distributed Link Tracking Client
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Modules Installer
Path: C:\Windows\servicing\TrustedInstaller.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Interactive Services Detection
Path: C:\Windows\system32\UI0Detect.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: UPnP Device Host
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Desktop Window Manager Session Manager
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Virtual Disk
Path: C:\Windows\System32\vds.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Volume Shadow Copy
Path: C:\Windows\system32\vssvc.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Time
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Connect Now - Config Registrar
Path: C:\Windows\System32\svchost.exe -k LocalService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Color System
Path: C:\Windows\system32\svchost.exe -k wcssvc
StartMode: Manual
State: Stopped
------------------------------------------
Name: Diagnostic Service Host
Path: C:\Windows\System32\svchost.exe -k wdisvc
StartMode: Manual
State: Stopped
------------------------------------------
Name: Diagnostic System Host
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Manual
State: Running
------------------------------------------
Name: WebClient
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Event Collector
Path: C:\Windows\system32\svchost.exe -k NetworkService
StartMode: Manual
State: Stopped
------------------------------------------
Name: Problem Reports and Solutions Control Panel Support
Path: C:\Windows\System32\svchost.exe -k netsvcs
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Error Reporting Service
Path: C:\Windows\System32\svchost.exe -k WerSvcGroup
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Defender
Path: C:\Windows\System32\svchost.exe -k secsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: WinHTTP Web Proxy Auto-Discovery Service
Path: C:\Windows\system32\svchost.exe -k LocalService
StartMode: Manual
State: Running
------------------------------------------
Name: Windows Management Instrumentation
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Remote Management (WS-Management)
Path: C:\Windows\System32\svchost.exe -k NetworkService
StartMode: Manual
State: Stopped
------------------------------------------
Name: WLAN AutoConfig
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: WMI Performance Adapter
Path: C:\Windows\system32\wbem\WmiApSrv.exe
StartMode: Manual
State: Stopped
------------------------------------------
Name: Windows Media Player Network Sharing Service
Path: "C:\Program Files\Windows Media Player\wmpnetwk.exe"
StartMode: Auto
State: Running
------------------------------------------
Name: Parental Controls
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Manual
State: Stopped
------------------------------------------
Name: Portable Device Enumerator Service
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Security Center
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Search
Path: C:\Windows\system32\SearchIndexer.exe /Embedding
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Update
Path: C:\Windows\system32\svchost.exe -k netsvcs
StartMode: Auto
State: Running
------------------------------------------
Name: Windows Driver Foundation - User-mode Driver Framework
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
StartMode: Auto
State: Running
------------------------------------------
*************************************************************
******************** Installed Codecs ***********************
*************************************************************
------------------------------------------
Name: C:\Windows\system32\MSRLE32.DLL Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: msrle32
------------------------------------------
Name: C:\Windows\system32\MSVIDC32.DLL Description:
Version: 6.0.6001.18000
Path: \windows\system32\
FileName: msvidc32
------------------------------------------
Name: C:\Windows\system32\IMAADP32.ACM Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: imaadp32
------------------------------------------
Name: C:\Windows\system32\MSG711.ACM Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: msg711
------------------------------------------
Name: C:\Windows\system32\MSGSM32.ACM Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: msgsm32
------------------------------------------
Name: C:\Windows\system32\MSADP32.ACM Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: msadp32
------------------------------------------
Name: C:\Windows\system32\MSYUV.DLL Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: msyuv
------------------------------------------
Name: C:\Windows\system32\IYUV_32.DLL Description:
Version: 6.0.6000.16386
Path: \windows\system32\
FileName: iyuv_32
------------------------------------------
Name: C:\Windows\system32\TSBYUV.DLL Description:
Version: 6.0.6002.18005
Path: \windows\system32\
FileName: tsbyuv
------------------------------------------
Name: C:\Windows\system32\L3CODECA.ACM Description: Fraunhofer IIS MPEG Layer-3 Codec
Version: 1.9.0.401
Path: \windows\system32\
FileName: l3codeca
------------------------------------------
Name: C:\Windows\system32\XFCODEC64.DLL Description: Xfire video codec [XFR1]
Version: 1.0.0.36913
Path: \windows\system32\
FileName: xfcodec64
------------------------------------------
*************************************************************
*********************** Hot Fixes ***************************
*************************************************************
Description:
HotFixID: {AC76BA86-7AD7-0000-2550-7A8C40000913}
------------------------------------------
Description:
HotFixID: {8B2F38F1-6D3C-4D87-AD2F-954AF6942800}
------------------------------------------
Description: Update
HotFixID: 944036
------------------------------------------
Description: Update
HotFixID: KB905866
------------------------------------------
Description: Update
HotFixID: KB935509
------------------------------------------
Description: Update
HotFixID: KB937287
------------------------------------------
Description: Update
HotFixID: KB938371
------------------------------------------
Description: Security Update
HotFixID: KB938464
------------------------------------------
Description: Update
HotFixID: KB948609
------------------------------------------
Description: Update
HotFixID: KB948610
------------------------------------------
Description: Update
HotFixID: KB950124
------------------------------------------
Description: Update
HotFixID: KB950125
------------------------------------------
Description: Security Update
HotFixID: KB950760
------------------------------------------
Description: Security Update
HotFixID: KB950762
------------------------------------------
Description: Security Update
HotFixID: KB950974
------------------------------------------
Description: Security Update
HotFixID: KB951066
------------------------------------------
Description: Security Update
HotFixID: KB951376
------------------------------------------
Description: Security Update
HotFixID: KB951698
------------------------------------------
Description: Update
HotFixID: KB951978
------------------------------------------
Description: Security Update
HotFixID: KB952004
------------------------------------------
Description: Security Update
HotFixID: KB952069
------------------------------------------
Description: Hotfix
HotFixID: KB952287
------------------------------------------
Description: Update
HotFixID: KB952709
------------------------------------------
Description: Update
HotFixID: KB952714
------------------------------------------
Description: Security Update
HotFixID: KB953155
------------------------------------------
Description: Security Update
HotFixID: KB953733
------------------------------------------
Description: Security Update
HotFixID: KB954154
------------------------------------------
Description: Security Update
HotFixID: KB954459
------------------------------------------
Description: Update
HotFixID: KB955020
------------------------------------------
Description: Security Update
HotFixID: KB955069
------------------------------------------
Description: Update
HotFixID: KB955302
------------------------------------------
Description: Update
HotFixID: KB955430
------------------------------------------
Description: Update
HotFixID: KB955839
------------------------------------------
Description: Security Update
HotFixID: KB956572
------------------------------------------
Description: Security Update
HotFixID: KB956744
------------------------------------------
Description: Security Update
HotFixID: KB956802
------------------------------------------
Description: Security Update
HotFixID: KB956841
------------------------------------------
Description: Update
HotFixID: KB957000
------------------------------------------
Description: Security Update
HotFixID: KB957097
------------------------------------------
Description: Update
HotFixID: KB957200
------------------------------------------
Description: Update
HotFixID: KB957321
------------------------------------------
Description: Update
HotFixID: KB957388
------------------------------------------
Description: Update
HotFixID: KB958481
------------------------------------------
Description: Update
HotFixID: KB958483
------------------------------------------
Description: Security Update
HotFixID: KB958623
------------------------------------------
Description: Security Update
HotFixID: KB958624
------------------------------------------
Description: Security Update
HotFixID: KB958644
------------------------------------------
Description: Security Update
HotFixID: KB958687
------------------------------------------
Description: Security Update
HotFixID: KB958690
------------------------------------------
Description: Update
HotFixID: KB959108
------------------------------------------
Description: Update
HotFixID: KB959130
------------------------------------------
Description: Security Update
HotFixID: KB959426
------------------------------------------
Description: Security Update
HotFixID: KB960225
------------------------------------------
Description: Update
HotFixID: KB960544
------------------------------------------
Description: Security Update
HotFixID: KB960715
------------------------------------------
Description: Security Update
HotFixID: KB960803
------------------------------------------
Description: Security Update
HotFixID: KB961260
------------------------------------------
Description: Security Update
HotFixID: KB961371
------------------------------------------
Description: Security Update
HotFixID: KB961501
------------------------------------------
Description: Security Update
HotFixID: KB963027
------------------------------------------
Description: Update
HotFixID: KB967190
------------------------------------------
Description: Update
HotFixID: KB967632
------------------------------------------
Description: Security Update
HotFixID: KB967723
------------------------------------------
Description: Update
HotFixID: KB968389
------------------------------------------
Description: Security Update
HotFixID: KB968537
------------------------------------------
Description: Security Update
HotFixID: KB968816
------------------------------------------
Description: Update
HotFixID: KB969058
------------------------------------------
Description: Update
HotFixID: KB969497
------------------------------------------
Description: Security Update
HotFixID: KB970238
------------------------------------------
Description: Update
HotFixID: KB970653
------------------------------------------
Description: Security Update
HotFixID: KB970710
------------------------------------------
Description: Update
HotFixID: KB971180
------------------------------------------
Description: Security Update
HotFixID: KB971557
------------------------------------------
Description: Security Update
HotFixID: KB971657
------------------------------------------
Description: Security Update
HotFixID: KB971961
------------------------------------------
Description: Update
HotFixID: KB972036
------------------------------------------
Description: Security Update
HotFixID: KB972260
------------------------------------------
Description: Security Update
HotFixID: KB973346
------------------------------------------
Description: Security Update
HotFixID: KB973507
------------------------------------------
Description: Security Update
HotFixID: KB973540
------------------------------------------
Description: Update
HotFixID: KB973768
------------------------------------------
Description: Update
HotFixID: KB973874
------------------------------------------
Description: Service Pack
HotFixID: KB948465
------------------------------------------
Description: Update
HotFixID: 940157
------------------------------------------
*************************************************************
************************* Event Log *************************
*************************************************************
Application - 9/17/2009 11:12:09 PM: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'
------------------------------------------
Application - 9/17/2009 11:12:09 PM: Windows Installer reconfigured the product. Product Name: PVSonyDll. Product Version: 1.00.0001. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:09 PM: Windows Installer reconfigured the product. Product Name: Microsoft Silverlight. Product Version: 3.0.40818.0. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:09 PM: Windows Installer reconfigured the product. Product Name: Windows Live Upload Tool. Product Version: 14.0.8014.1029. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:11 PM: Windows Installer reconfigured the product. Product Name: Microsoft .NET Framework 1.1. Product Version: 1.1.4322. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:11 PM: Windows Installer reconfigured the product. Product Name: Windows Live Communications Platform. Product Version: 14.0.8064.206. Product Language: 0. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:12 PM: Windows Installer reconfigured the product. Product Name: QuickTime. Product Version: 7.64.17.73. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:12 PM: Windows Installer reconfigured the product. Product Name: Bonjour. Product Version: 1.0.106. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:12 PM: Windows Installer reconfigured the product. Product Name: Apple Software Update. Product Version: 2.1.1.116. Product Language: 1033. Reconfiguration success or error status: 0.
------------------------------------------
Application - 9/17/2009 11:12:13 PM: Windows Installer reconfigured the product. Product Name: Microsoft Visual C++ 2005 Redistributable. Product Version: 8.0.50727.42. Product Language: 0. Reconfiguration success or error status: 0.
------------------------------------------
Microsoft Office Sessions - 9/2/2009 5:14:45 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 106 seconds with 60 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/2/2009 5:15:03 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/2/2009 5:15:15 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/2/2009 5:15:29 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/3/2009 9:52:09 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 387 seconds with 0 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/9/2009 1:24:07 AM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1242 seconds with 60 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/14/2009 2:41:22 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12937 seconds with 4260 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/15/2009 1:38:40 PM: ID: 18, Application Name: Picture Manager, Application Version: 12.0.6413.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 188 seconds with 180 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/15/2009 3:31:53 PM: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 982 seconds with 120 seconds of active time. This session ended normally.
------------------------------------------
Microsoft Office Sessions - 9/17/2009 6:25:47 AM: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended normally.
------------------------------------------
Security - 9/17/2009 11:05:42 PM: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: Owner
Account Domain: GamingPC
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x3b8
Process Name: C:\Windows\System32\winlogon.exe
Network Information:
Network Address: 127.0.0.1
Port: 0
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
------------------------------------------
Security - 9/17/2009 11:05:42 PM: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 2
New Logon:
Security ID: S-1-5-21-2539564060-3505532292-2073257894-1000
Account Name: Owner
Account Domain: GamingPC
Logon ID: 0x8caa9
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x3b8
Process Name: C:\Windows\System32\winlogon.exe
Network Information:
Workstation Name: GAMINGPC
Source Network Address: 127.0.0.1
Source Port: 0
Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
------------------------------------------
Security - 9/17/2009 11:05:42 PM: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 2
New Logon:
Security ID: S-1-5-21-2539564060-3505532292-2073257894-1000
Account Name: Owner
Account Domain: GamingPC
Logon ID: 0x8cae3
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x3b8
Process Name: C:\Windows\System32\winlogon.exe
Network Information:
Workstation Name: GAMINGPC
Source Network Address: 127.0.0.1
Source Port: 0
Detailed Authentication Information:
Logon Process: User32
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
------------------------------------------
Security - 9/17/2009 11:05:42 PM: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-21-2539564060-3505532292-2073257894-1000
Account Name: Owner
Account Domain: GamingPC
Logon ID: 0x8caa9
Privileges: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
------------------------------------------
Security - 9/17/2009 11:11:49 PM: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x2b0
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
------------------------------------------
Security - 9/17/2009 11:11:49 PM: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x2b0
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
------------------------------------------
Security - 9/17/2009 11:11:49 PM: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
------------------------------------------
Security - 9/17/2009 11:12:21 PM: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x2b0
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
------------------------------------------
Security - 9/17/2009 11:12:21 PM: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: GAMINGPC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x2b0
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
------------------------------------------
Security - 9/17/2009 11:12:21 PM: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
------------------------------------------
System - 9/17/2009 11:06:07 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Network Connections', 'running'
------------------------------------------
System - 9/17/2009 11:06:53 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Secure Socket Tunneling Protocol Service', 'running'
------------------------------------------
System - 9/17/2009 11:06:53 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Telephony', 'running'
------------------------------------------
System - 9/17/2009 11:06:54 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Remote Access Connection Manager', 'running'
------------------------------------------
System - 9/17/2009 11:06:59 PM: The description for Event ID '-1073731795' in Source 'DCOM' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'iPod Service', '', '{063D34A4-BF84-4B8D-B699-E8CA06504DDE}'
------------------------------------------
System - 9/17/2009 11:06:59 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'iPod Service', 'running'
------------------------------------------
System - 9/17/2009 11:11:50 PM: The description for Event ID '-1073731795' in Source 'DCOM' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'MSIServer', '', '{000C101C-0000-0000-C000-000000000046}'
------------------------------------------
System - 9/17/2009 11:11:50 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Windows Installer', 'running'
------------------------------------------
System - 9/17/2009 11:12:21 PM: The description for Event ID '-1073731795' in Source 'DCOM' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'TrustedInstaller', '', '{752073A1-23F2-4396-85F0-8FDB879ED0ED}'
------------------------------------------
System - 9/17/2009 11:12:21 PM: The description for Event ID '1073748860' in Source 'Service Control Manager' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:'Windows Modules Installer', 'running'
------------------------------------------
*************************************************************
**************** Windows Experience Index *******************
*************************************************************
CPU Score: 5.8
Disk Score: 5.6
Graphics Score: 5.9
Direct 3D Score: 5.9
Memory Score: 5.7
WEI Score: 5.6
*************************************************************
************************* Users *****************************
*************************************************************
------------------------------------------
Name: Administrator Domain: GamingPC
FullName: Description: Built-in account for administering the computer/domain
Disabled: True
Status: Degraded
LocalAccount: True
PasswordChangeable: True
PasswordExpires: False
PasswordRequired: True
------------------------------------------
Name: ASPNET Domain: GamingPC
FullName: ASP.NET Machine Account Description: Account used for running the ASP.NET worker process (aspnet_wp.exe)
Disabled: False
Status: OK
LocalAccount: True
PasswordChangeable: False
PasswordExpires: False
PasswordRequired: False
------------------------------------------
Name: Guest Domain: GamingPC
FullName: Description: Built-in account for guest access to the computer/domain
Disabled: True
Status: Degraded
LocalAccount: True
PasswordChangeable: False
PasswordExpires: False
PasswordRequired: False
------------------------------------------
Name: Owner Domain: GamingPC
FullName: Description:
Disabled: False
Status: OK
LocalAccount: True
PasswordChangeable: True
PasswordExpires: False
PasswordRequired: False
------------------------------------------
*************************************************************
************************** Memory ***************************
*************************************************************
------------------------------------------
Manufacturer: None
Model:
Name: Physical Memory
Bank Label: Bank0/1
Capacity: 2048 MB
Description: Physical Memory
Tag: Physical Memory 0
------------------------------------------
Manufacturer: None
Model:
Name: Physical Memory
Bank Label: Bank2/3
Capacity: 2048 MB
Description: Physical Memory
Tag: Physical Memory 1
------------------------------------------
*************************************************************
************************ Video Card *************************
*************************************************************
Brand: NVIDIA
Model: NVIDIA GeForce 9600 GT
Adapter DAC Type: Integrated RAMDAC
Adapter RAM: 1024 MB
Current BitsPerPixel: 32
Current Number Of Colors: 4294967296
Current Refresh Rate: 59
Driver Date: 07/15/2009 06:54:00
Driver Version: 8.15.11.9038
MaxRefreshRate: 75
MinRefreshRate: 56
Status: OK
Video Memory Type: 2
Video Mode Description: 1600 x 1200 x 4294967296 colors
Video Processor: GeForce 9600 GT
*************************************************************
************************** Drives ***************************
*************************************************************
Model: ST316081 1AS SCSI Disk Device
Description: Disk drive
InterfaceType: IDE
Partitions: 1
SCSIBus: 1
SCSILogicalUnit: 0
SCSIPort: 4
SCSITargetId: 1
SectorsPerTrack: 63
Size: 149 GB
Status: OK
------------------------------------------
Model: FANTOM WD10EACS-22D6B0 USB Device
Description: Disk drive
InterfaceType: USB
Partitions: 1
SCSIBus:
SCSILogicalUnit:
SCSIPort:
SCSITargetId:
SectorsPerTrack: 63
Size: 932 GB
Status: OK
------------------------------------------
Model: Generic USB CF Reader USB Device
Description: Disk drive
InterfaceType: USB
Partitions: 0
SCSIBus:
SCSILogicalUnit:
SCSIPort:
SCSITargetId:
SectorsPerTrack:
Size: 0 GB
Status: OK
------------------------------------------
Model: Generic USB MS Reader USB Device
Description: Disk drive
InterfaceType: USB
Partitions: 0
SCSIBus:
SCSILogicalUnit:
SCSIPort:
SCSITargetId:
SectorsPerTrack:
Size: 0 GB
Status: OK
------------------------------------------
Model: Generic USB SD Reader USB Device
Description: Disk drive
InterfaceType: USB
Partitions: 0
SCSIBus:
SCSILogicalUnit:
SCSIPort:
SCSITargetId:
SectorsPerTrack:
Size: 0 GB
Status: OK
------------------------------------------
Model: Generic USB SM Reader USB Device
Description: Disk drive
InterfaceType: USB
Partitions: 0
SCSIBus:
SCSILogicalUnit:
SCSIPort:
SCSITargetId:
SectorsPerTrack:
Size: 0 GB
Status: OK
------------------------------------------
*************************************************************
************************ CD/DVD Rom *************************
*************************************************************
Name: HL-DT-ST DVD-ROM GDR-H30N ATA Device
Description: CD-ROM Drive
LastErrorCode:
Manufacturer: (Standard CD-ROM drives)
Media Type: DVD-ROM
------------------------------------------
Name: Optiarc DVD RW AD-7190A ATA Device
Description: CD-ROM Drive
LastErrorCode:
Manufacturer: (Standard CD-ROM drives)
Media Type: DVD Writer
------------------------------------------
*************************************************************
************************* IDE/SATA **************************
*************************************************************
------------------------------------------
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Name: Standard Dual Channel PCI IDE Controller
Last Error Code:
Status: OK
------------------------------------------
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Name: IDE Channel
Last Error Code:
Status: OK
------------------------------------------
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Name: IDE Channel
Last Error Code:
Status: OK
------------------------------------------
Manufacturer: NVIDIA Corporation
Name: NVIDIA nForce Serial ATA Controller
Last Error Code:
Status: OK
------------------------------------------
Manufacturer: NVIDIA Corporation
Name: NVIDIA nForce Serial ATA Controller
Last Error Code:
Status: OK
------------------------------------------
Manufacturer: NVIDIA Corporation
Name: NVIDIA nForce Serial ATA Controller
Last Error Code:
Status: OK
------------------------------------------
*************************************************************
************************** Network **************************
*************************************************************
Windows IP Configuration
Host Name . . . . . . . . . . . . : GamingPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : comcast.net
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . : comcast.net
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet #5
Physical Address. . . . . . . . . : 00-1F-BC-07-E3-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2094:96a7:a62e:84ee%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 17, 2009 11:02:57 PM
Lease Expires . . . . . . . . . . : Friday, September 18, 2009 11:02:57 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 452992956
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-71-91-43-00-1F-BC-07-E3-78
DNS Servers . . . . . . . . . . . : 68.87.72.134
68.87.77.134
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet #4
Physical Address. . . . . . . . . : 00-1F-BC-07-E3-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : comcast.net
Description . . . . . . . . . . . : Gigabyte GN-WP01GS PCI WLAN Card(Turbo)
Physical Address. . . . . . . . . : 00-1D-7D-71-26-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f508:e483:2c50:67c8%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 17, 2009 11:04:14 PM
Lease Expires . . . . . . . . . . : Friday, September 18, 2009 11:04:14 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 335551869
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-71-91-43-00-1F-BC-07-E3-78
DNS Servers . . . . . . . . . . . : 68.87.72.134
68.87.77.134
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : comcast.net
Description . . . . . . . . . . . : isatap.comcast.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 7:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E9EA6B1A-5167-473B-B3B4-384322115870}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
*************************************************************
********************* Systerm Restore ***********************
*************************************************************
------------------------------------------
Description: Windows Update
Creation Time: 09/10/2009 21:27:37
SequenceNumber: 130
------------------------------------------
Description: Installed Kaspersky Internet Security 2010.
Creation Time: 09/11/2009 06:30:08
SequenceNumber: 131
------------------------------------------
Description: Scheduled Checkpoint
Creation Time: 09/12/2009 05:00:02
SequenceNumber: 132
------------------------------------------
Description: Device Driver Package Install: Kaspersky Lab Network Service
Creation Time: 09/12/2009 15:23:57
SequenceNumber: 133
------------------------------------------
Description: Removed EVGA SLI Enhancement Patch.
Creation Time: 09/12/2009 15:30:37
SequenceNumber: 134
------------------------------------------
Description: Windows Backup
Creation Time: 09/14/2009 00:02:34
SequenceNumber: 135
------------------------------------------
Description: Configured Sid Meier's Railroads!
Creation Time: 09/14/2009 20:08:01
SequenceNumber: 136
------------------------------------------
Description: Windows Update
Creation Time: 09/15/2009 00:53:57
SequenceNumber: 137
------------------------------------------
Description: Scheduled Checkpoint
Creation Time: 09/15/2009 19:30:18
SequenceNumber: 138
------------------------------------------
Description: Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
Creation Time: 09/16/2009 15:03:33
SequenceNumber: 139
------------------------------------------
Description: Installed Microsoft Money Shared Libraries
Creation Time: 09/16/2009 20:01:19
SequenceNumber: 140
------------------------------------------
Description: Installed Folding@home-gpu
Creation Time: 09/16/2009 23:11:52
SequenceNumber: 141
------------------------------------------
Description: Installed Kaspersky Internet Security 2010.
Creation Time: 09/18/2009 02:31:21
SequenceNumber: 142
------------------------------------------
*************************************************************
******************** Running Processes **********************
*************************************************************
------------------------------------------
Name: System Idle Process
------------------------------------------
Name: System
------------------------------------------
Name: smss.exe
------------------------------------------
Name: csrss.exe
------------------------------------------
Name: wininit.exe
------------------------------------------
Name: csrss.exe
------------------------------------------
Name: services.exe
------------------------------------------
Name: lsass.exe
------------------------------------------
Name: lsm.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: winlogon.exe
------------------------------------------
Name: nvvsvc.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: audiodg.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: SLsvc.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: nvvsvc.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: spoolsv.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: AppleMobileDeviceService.exe
------------------------------------------
Name: avp.exe
------------------------------------------
Name: mDNSResponder.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
Name: SearchIndexer.exe
------------------------------------------
Name: WUDFHost.exe
------------------------------------------
Name: taskeng.exe
------------------------------------------
Name: wmpnetwk.exe
------------------------------------------
Name: dwm.exe
------------------------------------------
Name: taskeng.exe
------------------------------------------
Name: explorer.exe
------------------------------------------
Name: WerFault.exe
------------------------------------------
Name: MSASCui.exe
------------------------------------------
Name: RAVCpl64.exe
------------------------------------------
Name: sidebar.exe
------------------------------------------
Name: Skype.exe
------------------------------------------
Name: Core.exe
------------------------------------------
Name: unsecapp.exe
------------------------------------------
Name: WmiPrvSE.exe
------------------------------------------
Name: realsched.exe
------------------------------------------
Name: boincmgr.exe
------------------------------------------
Name: boinctray.exe
------------------------------------------
Name: jusched.exe
------------------------------------------
Name: iTunesHelper.exe
------------------------------------------
Name: avp.exe
------------------------------------------
Name: sidebar.exe
------------------------------------------
Name: boinc.exe
------------------------------------------
Name: iPodService.exe
------------------------------------------
Name: firefox.exe
------------------------------------------
Name: klwtblfs.exe
------------------------------------------
Name: skypePM.exe
------------------------------------------
Name: VistaForums SysInfo.exe
------------------------------------------
Name: WmiPrvSE.exe
------------------------------------------
Name: msiexec.exe
------------------------------------------
Name: TrustedInstaller.exe
------------------------------------------
Name: SearchProtocolHost.exe
------------------------------------------
Name: SearchFilterHost.exe
------------------------------------------
Name: dllhost.exe
------------------------------------------
Name: VSSVC.exe
------------------------------------------
Name: svchost.exe
------------------------------------------
