info.txt logfile of random's system information tool 1.10 2015-10-11 16:47:56
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A77E7342A00008020210007DF130C000800000020030000DF140C07FEFFFF0028030000689E12000000000000000000000000000000000000000000000000000000000000000055AA
======Uninstall list======
Adobe Acrobat Reader DC-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Adobe Flash Player 18 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe -maintain activex
Advanced SystemCare 8-->"C:\Program Files (x86)\IObit\Advanced SystemCare 8\unins000.exe"
Advanced Uninstaller PRO - Version 11-->"C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\unins001.exe"
Apple Application Support (32-bit)-->MsiExec.exe /I{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}
Apple Software Update-->MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}
Ashampoo WinOptimizer 11 v.11.00.60-->"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\unins000.exe"
Auslogics DiskDefrag-->"C:\Program Files (x86)\Auslogics\DiskDefrag\unins000.exe"
Driver Booster 2.4-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
Driver Magician 3.65-->"C:\Program Files (x86)\Driver Magician\unins000.exe"
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe" uninstall_start
Java 8 Update 60-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218060F0}
Kingsoft Office 2012 (8.1.0.3020)-->C:\Program Files (x86)\Kingsoft\Kingsoft Office\utility\uninst.exe
Malwarebytes Anti-Malware version 2.1.8.1057-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 41.0.1 (x86 en-US)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Office 15 Click-to-Run Extensibility Component-->MsiExec.exe /X{90150000-008C-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Localization Component-->MsiExec.exe /X{90150000-008C-0409-0000-0000000FF1CE}
OpenOffice.org 3.3-->MsiExec.exe /I{3E171899-0175-47CC-84C4-562ACDD4C021}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
RrSavings-->MsiExec.exe /X{3566FB70-E722-4182-8266-815EAE862998}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {73E43C35-D717-337B-9F50-66F5623A8E1C}
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {F403E543-04A6-3024-BE38-189172855D13}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
Surfing Protection-->"C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe"
======System event log======
Computer Name: joanne-PC
Event Code: 7001
Message: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 396165
Source Name: Service Control Manager
Time Written: 20150412141155.461383-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 7001
Message: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 396154
Source Name: Service Control Manager
Time Written: 20150412140550.164520-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 7001
Message: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 396150
Source Name: Service Control Manager
Time Written: 20150412140502.833813-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 46
Message: Crash dump initialization failed!
Record Number: 396077
Source Name: volmgr
Time Written: 20150412140254.616808-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 396057
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20150411155340.420732-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: joanne-PC
Event Code: 7040
Message: The search service has detected corrupted data files in the index {id=1100}. The service will attempt to automatically correct this problem by rebuilding the index.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Record Number: 81876
Source Name: Microsoft-Windows-Search
Time Written: 20140324085232.000000-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 9000
Message:
Record Number: 81874
Source Name: Microsoft-Windows-Search
Time Written: 20140324085231.000000-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 3036
Message: The content source cannot be accessed.
Context: Application, SystemIndex Catalog
Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)
Record Number: 81853
Source Name: Microsoft-Windows-Search
Time Written: 20140324052413.000000-000
Event Type: Warning
User:
Computer Name: joanne-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 81847
Source Name: Microsoft-Windows-WMI
Time Written: 20140324052211.000000-000
Event Type: Error
User:
Computer Name: joanne-PC
Event Code: 3036
Message: The content source cannot be accessed.
Context: Application, SystemIndex Catalog
Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)
Record Number: 81822
Source Name: Microsoft-Windows-Search
Time Written: 20140324044538.000000-000
Event Type: Warning
User:
=====Security event log=====
Computer Name: joanne-PC
Event Code: 4608
Message: Windows is starting up.
This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 101262
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140903091512.984434-000
Event Type: Audit Success
User:
Computer Name: joanne-PC
Event Code: 4647
Message: User initiated logoff:
Subject:
Security ID: S-1-5-21-1003636399-1988623287-3443907283-1000
Account Name: joanne
Account Domain: joanne-PC
Logon ID: 0x15800
This event is generated when a logoff is initiated. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 101261
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140902094424.171306-000
Event Type: Audit Success
User:
Computer Name: joanne-PC
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 101260
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140902094425.980909-000
Event Type: Audit Success
User:
Computer Name: joanne-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 101259
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140902091749.554497-000
Event Type: Audit Success
User:
Computer Name: joanne-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: JOANNE-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x224
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name:
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 101258
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140902091749.554497-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 127 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=7f02
"windows_tracing_flags"=3
"CW_UPDATE"=Y
"iHA_Version"=1.00.00
"asl.log"=Destination=file
-----------------EOF-----------------