﻿info.txt - лог утилиты random's system information tool 1.17 2023-08-08 12:43:56

====== MBR ======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A7D2363F0000080202100077F39060008000000900100007F3A0607FEFFFF009801000088970A00FEFFFF27FEFFFF0020990A00E8100000FEFFFF0FFEFFFFFF0FAA0A0118251355AA

====== Список установленных программ ======

7-Zip 23.00 (x64) [2023/05/15 20:28:10]-->"C:\Program Files\7-Zip\Uninstall.exe"
ADB AppControl version 1.8.0.2 [20230611]-->"C:\Users\3770\Downloads\ADB_AppControl\unins000.exe"
Adobe Photoshop CC 2015.5 [2023/05/15 21:24:44]-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}"
Adobe Premiere Pro CC 2015.4 [2023/06/27 23:56:27]-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{38C72D42-0672-43B1-9E05-E7631684F9A2}"
AIDA64 Extreme Edition v6.88.6400 [20230515]-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme\unins000.exe"
Aml_Burn_Tool [20230522]-->"C:\Amlogic\Aml_Burn_Tool\V3\unins000.exe"
Attribute Changer 11.20 [20230715]-->"C:\Program Files\Attribute Changer\unins000.exe"
balenaEtcher 1.18.8 [2023/07/04 16:00:37]-->"C:\Users\3770\AppData\Local\Programs\balena-etcher\Uninstall balenaEtcher.exe" /currentuser
Bandicam 6.1.0 [20230803]-->"C:\Program Files (x86)\Bandicam\Uninstall.exe"
Bandicam MPEG-1 Decoder [2023/08/03 13:54:18]-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
CPUID CPU-Z 2.05 [20230515]-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
CrystalDiskInfo 8.17.14 [20230515]-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
CrystalDiskMark 8.0.4c [20230515]-->"C:\Program Files\CrystalDiskMark8\unins000.exe"
eMule [2023/07/16 14:05:49]-->"C:\Program Files (x86)\eMule\Uninstall.exe"
Eraser 6.2.0.2993 [20230704]-->MsiExec.exe /I{82602EDA-27BE-4358-AB3A-BD09EA51A1E6}
Everything 1.4.1.1023 (x64) [2023/05/15 19:49:10]-->C:\Program Files\Everything\Uninstall.exe
f.lux [2023/06/18 22:17:21]-->"C:\Users\3770\AppData\Local\FluxSoftware\Flux\uninstall.exe"
foobar2000 v2.0 (x64) [2023/05/16 17:45:57]-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000
Free Download Manager [20230515]-->"C:\Program Files\Free Download Manager\unins000.exe"
Google Chrome [20230808]-->"C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging
HashTab 6.0.0.34 [2023/05/15 19:52:19]-->C:\Program Files\HashTab Shell Extension\uninst.exe
HD Tune Pro 5.70 [20230515]-->"C:\Program Files (x86)\HD Tune Pro\unins000.exe"
HWiNFO64 Version 7.46 [20230515]-->"C:\Program Files\HWiNFO64\unins000.exe"
Intel(R) Chipset Device Software [2023/05/15 19:44:07]-->"C:\ProgramData\Package Cache\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}\SetupChipset.exe"  /uninstall
Intel(R) Chipset Device Software [20230515]-->MsiExec.exe /I{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}
Intel(R) Graphics Driver Software [2023/05/15 19:40:05]-->"C:\ProgramData\Package Cache\{e7e9dac9-c330-48d8-9e17-d21a19dc942c}\win64_15.33.5161.exe"  /uninstall
Intel(R) Management Engine Components [2023/05/15 19:43:47]-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components [20230515]-->MsiExec.exe /I{60DC6F22-D268-44F0-8720-200033508384}
Intel(R) ME UninstallLegacy [20230515]-->MsiExec.exe /I{DF17C0DB-76D8-4A45-B26E-674F8455B803}
Intel(R) Processor Graphics [2023/05/15 19:39:59]-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\igxpin.exe" -uninstall
IrfanView 4.62 (64-bit) [2023/05/15 17:30:11]-->"C:\Program Files\IrfanView\iv_uninstall.exe"
K-Lite Mega Codec Pack 17.6.0 [20230518]-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Malwarebytes version 4.5.33.272 [20230808]-->"C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe"
Microsoft .NET Host - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{1A7F6299-C501-49CA-B91D-5E83ED7FB8CA}
Microsoft .NET Host FX Resolver - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{CB1B935F-234E-452D-91DA-4CBA519E9581}
Microsoft .NET Runtime - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{8BBCB5E9-5775-4465-AABC-3E276EBBD496}
Microsoft Office LTSC профессиональный плюс 2021 - ru-ru [2023/05/16 18:28:37]-->"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" scenario=install scenariosubtype=ARP sourcetype=None productstoremove=ProPlus2021Volume.16_ru-ru_x-none culture=ru-ru version.16=16.0
Microsoft Update Health Tools [20221225]-->MsiExec.exe /X{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}
Microsoft Visual C++ 2005 Redistributable (x64) [20230627]-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable [20230627]-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [20230515]-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [20230627]-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20230515]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [20230627]-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [20230627]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [20230627]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2023/06/27 23:57:53]-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe"  /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2023/06/27 23:57:53]-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe"  /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2023/06/27 23:57:54]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe"  /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2023/06/27 23:57:54]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe"  /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 [2023/08/03 15:31:37]-->"C:\ProgramData\Package Cache\{d92971ab-f030-43c8-8545-c66c818d0e05}\VC_redist.x64.exe"  /uninstall
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 [2023/08/03 15:31:37]-->"C:\ProgramData\Package Cache\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}\VC_redist.x86.exe"  /uninstall
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{080D8397-60F4-44B3-BB95-FBB950CB0B4E}
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}
Microsoft Windows Desktop Runtime - 6.0.18 (x64) [2023/06/15 09:23:57]-->"C:\ProgramData\Package Cache\{70624c55-d0e1-40a6-913e-96560feea689}\windowsdesktop-runtime-6.0.18-win-x64.exe"  /uninstall
Microsoft Windows Desktop Runtime - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{81D7013F-AB4C-4DEF-8549-2AC6A3D612BB}
MiniTool Partition Wizard [20230518]-->"C:\Program Files\MiniTool Partition Wizard\unins000.exe"
Mozilla Firefox (x64 en-US) [2023/08/05 12:43:14]-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service [2023/07/22 19:52:33]-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
NCALayer v1.3 [20230623]-->"C:\Users\3770\AppData\Roaming\NCALayer\unins000.exe"
Notepad++ (64-bit x64) [2023/07/30 10:32:53]-->"C:\Program Files\Notepad++\uninstall.exe"
Office 16 Click-to-Run Extensibility Component [20230516]-->MsiExec.exe /X{90160000-008C-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Licensing Component [20230516]-->MsiExec.exe /I{90160000-007E-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Localization Component [20230515]-->MsiExec.exe /X{90160000-008C-0419-1000-0000000FF1CE}
Old Classic Calculator for Windows 11 and Windows 10 [20230517]-->"C:\Program Files\OldClassicCalc\unins000.exe"
Outline Manager 1.14.0 [2023/05/31 18:32:06]-->"C:\Users\3770\AppData\Local\Programs\outline-manager\Uninstall Outline Manager.exe" /currentuser
Paragon Hard Disk Manager™ 15 Premium [2023/05/18 13:16:51]-->"C:\ProgramData\Package Cache\{58202466-3f2e-46c0-8827-e8dce2c9c747}\HDM15Premium_x64_ru.exe"  /uninstall
Paragon Hard Disk Manager™ 15 Premium [20230518]-->MsiExec.exe /I{91E249B4-8DE1-4ECC-B50F-EA0195FA604D}
Paragon UIM [20230518]-->MsiExec.exe /I{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}
Photodex Presenter [2023/08/03 13:58:13]-->C:\Program Files (x86)\Photodex Presenter\remove.exe
PNGGauntlet [20230518]-->MsiExec.exe /X{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}
Python 3.11.3 (64-bit) [2023/05/18 10:07:51]-->"C:\Users\3770\AppData\Local\Package Cache\{c6a7d2cb-61ea-4f5e-bc56-95faa938bacf}\python-3.11.3-amd64.exe"  /uninstall
Python 3.11.3 Add to Path (64-bit) [20230518]-->MsiExec.exe /I{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}
Python 3.11.3 Core Interpreter (64-bit) [20230518]-->MsiExec.exe /I{611F1238-29A9-495F-B1F4-CFFCC98D9421}
Python 3.11.3 Development Libraries (64-bit) [20230518]-->MsiExec.exe /I{D307D056-AF62-4F53-810E-052AAAF0EFB2}
Python 3.11.3 Documentation (64-bit) [20230518]-->MsiExec.exe /I{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}
Python 3.11.3 Executables (64-bit) [20230518]-->MsiExec.exe /I{A2BCB6C1-272D-437F-A5BC-92431FC521B4}
Python 3.11.3 pip Bootstrap (64-bit) [20230518]-->MsiExec.exe /I{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}
Python 3.11.3 Standard Library (64-bit) [20230518]-->MsiExec.exe /I{0D289858-69D1-4CB6-946E-659F028DDC27}
Python 3.11.3 Tcl/Tk Support (64-bit) [20230518]-->MsiExec.exe /I{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}
Python 3.11.3 Test Suite (64-bit) [20230518]-->MsiExec.exe /I{BA9ABB78-751C-4488-80A9-60E44290C060}
Python 3.11.3 Utility Scripts (64-bit) [20230518]-->MsiExec.exe /I{5BF6CA5B-E057-413A-B87A-CCD47600E465}
Python Launcher [20230518]-->MsiExec.exe /X{C41DB702-D72D-40F4-A2B3-5BAC2DCA2DF2}
qBittorrent [2023/06/20 09:19:18]-->"C:\Program Files\qBittorrent\uninst.exe"
Qcma [2023/08/06 23:31:47]-->"C:\Program Files\Qcma\uninstall.exe"
Qualcomm USB Drivers For Windows [20230527]-->MsiExec.exe /I{D9FB7F91-9687-4B09-894D-072903CADEA4}
Realtek High Definition Audio Driver [20230515]-->"C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp  -removeonly
ReNamer [20230516]-->"C:\Program Files (x86)\ReNamer\unins000.exe"
Samsung USB Driver for Mobile Phones [2023/07/03 00:54:03]-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe
SequoiaView [2023/05/18 13:06:35]-->C:\Program Files\SequoiaView\Uninstal.exe
Steam [2023/07/25 18:32:17]-->D:\Program Files (x86)\Steam\uninstall.exe
SteelSeries GG 43.0.0 [2023/08/03 15:31:51]-->C:\Program Files\SteelSeries\GG\uninst.exe
TinyPNG & TinyJPG version 2.5 [20230518]-->"C:\Windows\unins000.exe"
VNC Server 7.1.0 [20230515]-->MsiExec.exe /I{CA74EBB7-4CAE-466B-9B5B-4E4D1DFC6662}
VNC Viewer 7.1.0 [20230515]-->MsiExec.exe /I{9466F787-6D59-4ED8-A376-1D14082A337C}
WinDjView 2.1 [2023/07/18 13:34:02]-->C:\Program Files\WinDjView\uninstall.exe
Windows Driver Package - leshcatlabs.net (WinUSB) AndroidUsbDeviceClass  (08/15/2015 10.0.0000.00000) [2023/05/27 21:49:32]-->C:\PROGRA~1\DIFX\D29FE547208FE130\setup.exe /u C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_2e19b2537a7d8747\android_winusb.inf
Windows Driver Package - libwdi (WinUSB) USBDevice  (04/03/2019 6.1.7600.16385) [2023/05/22 01:50:38]-->C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst64.exe /u C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_0d73b058037ef25e\android_winusb.inf
Windows Driver Package - Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) [2023/08/06 23:31:51]-->C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst64.exe /u C:\Windows\System32\DriverStore\FileRepository\ps_vita_type_b_winusb.inf_amd64_79e169d980e30cba\ps_vita_type_b_winusb.inf
WinMerge 2.16.30.0 [20230715]-->"C:\Program Files (x86)\WinMerge\unins000.exe"
WinRAR 6.11 (64-разрядная) [2022/12/25 10:33:28]-->C:\Program Files\WinRAR\uninstall.exe
Отмена установки принтера EPSON L805 Series [2023/06/23 09:07:16]-->C:\Windows\system32\spool\DRIVERS\x64\3\E_YINSPRE.EXE /R /APD /P:"EPSON L805 Series"

====== Журнал событий "Система" ======

Имя компьютера: 3770i7
Код события: 10016
Сообщение: The для конкретного приложения permission settings do not grant Локально Активация permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user 3770I7\3770 SID (S-1-5-21-3950870073-693449730-955634714-1002) from address LocalHost (с использованием LRPC) running in the application container Недоступно SID (Недоступно). This security permission can be modified using the Component Services administrative tool.
Номер записи: 8364
Источник: Microsoft-Windows-DistributedCOM
Время записи: 20230808062924.076655-000
Тип события: Warning
Пользователь: 3770I7\3770

Имя компьютера: 3770i7
Код события: 7031
Сообщение: The VNC Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Перезапуск службы.
Номер записи: 8361
Источник: Service Control Manager
Время записи: 20230808062407.707651-000
Тип события: Error
Пользователь: 

Имя компьютера: 3770i7
Код события: 7031
Сообщение: The SAMSUNG Mobile Connectivity Service V2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Перезапуск службы.
Номер записи: 8360
Источник: Service Control Manager
Время записи: 20230808062407.706653-000
Тип события: Error
Пользователь: 

Имя компьютера: 3770i7
Код события: 7034
Сообщение: The Everything service terminated unexpectedly.  It has done this 1 time(s).
Номер записи: 8359
Источник: Service Control Manager
Время записи: 20230808062407.705652-000
Тип события: Error
Пользователь: 

Имя компьютера: 3770i7
Код события: 7034
Сообщение: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).
Номер записи: 8358
Источник: Service Control Manager
Время записи: 20230808062407.705652-000
Тип события: Error
Пользователь: 
====== Журнал событий "Приложения" ======

Имя компьютера: 3770i7
Код события: 903
Сообщение: The Software Protection service has stopped.

Номер записи: 11638
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230808060812.848817-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770i7
Код события: 902
Сообщение: The Software Protection service has started.
10.0.19041.2364
Номер записи: 11636
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230808060706.791789-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770i7
Код события: 903
Сообщение: The Software Protection service has stopped.

Номер записи: 11605
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230808050133.650548-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770i7
Код события: 902
Сообщение: The Software Protection service has started.
10.0.19041.2364
Номер записи: 11603
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230808050100.976010-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770i7
Код события: 903
Сообщение: The Software Protection service has stopped.

Номер записи: 11574
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230808045032.502294-000
Тип события: Information
Пользователь: 
====== Журнал событий "Безопасность" ======

Имя компьютера: 3770i7
Код события: 4799
Сообщение: A security-enabled local group membership was enumerated.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770I7$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Group:
	Security ID:		S-1-5-32-551
	Group Name:		Операторы архива
	Group Domain:		Builtin

Process Information:
	Process ID:		0x228c
	Process Name:		C:\Windows\System32\svchost.exe
Номер записи: 218262
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230808064319.733280-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770i7
Код события: 4799
Сообщение: A security-enabled local group membership was enumerated.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770I7$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Group:
	Security ID:		S-1-5-32-544
	Group Name:		Администраторы
	Group Domain:		Builtin

Process Information:
	Process ID:		0x228c
	Process Name:		C:\Windows\System32\svchost.exe
Номер записи: 218261
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230808064319.732697-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770i7
Код события: 4672
Сообщение: Special privileges assigned to new logon.

Subject:
	Security ID:		S-1-5-18
	Account Name:		СИСТЕМА
	Account Domain:		NT AUTHORITY
	Logon ID:		0x3E7

Privileges:		SeAssignPrimaryTokenPrivilege
			SeTcbPrivilege
			SeSecurityPrivilege
			SeTakeOwnershipPrivilege
			SeLoadDriverPrivilege
			SeBackupPrivilege
			SeRestorePrivilege
			SeDebugPrivilege
			SeAuditPrivilege
			SeSystemEnvironmentPrivilege
			SeImpersonatePrivilege
			SeDelegateSessionUserImpersonatePrivilege
Номер записи: 218260
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230808064315.492113-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770i7
Код события: 4624
Сообщение: An account was successfully logged on.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770I7$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Logon Information:
	Logon Type:		5
	Restricted Admin Mode:	-
	Virtual Account:		No
	Elevated Token:		Yes

Impersonation Level:		Impersonation

New Logon:
	Security ID:		S-1-5-18
	Account Name:		СИСТЕМА
	Account Domain:		NT AUTHORITY
	Logon ID:		0x3E7
	Linked Logon ID:		0x0
	Network Account Name:	-
	Network Account Domain:	-
	Logon GUID:		{00000000-0000-0000-0000-000000000000}

Process Information:
	Process ID:		0x34c
	Process Name:		C:\Windows\System32\services.exe

Network Information:
	Workstation Name:	-
	Source Network Address:	-
	Source Port:		-

Detailed Authentication Information:
	Logon Process:		Advapi  
	Authentication Package:	Negotiate
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
	- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
	- Transited services indicate which intermediate services have participated in this logon request.
	- Package name indicates which sub-protocol was used among the NTLM protocols.
	- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Номер записи: 218259
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230808064315.492108-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770i7
Код события: 4798
Сообщение: A user's local group membership was enumerated.

Subject:
	Security ID:		S-1-5-21-3950870073-693449730-955634714-1002
	Account Name:		3770
	Account Domain:		3770I7
	Logon ID:		0x1732C

User:
	Security ID:		S-1-5-21-3950870073-693449730-955634714-1003
	Account Name:		Net
	Account Domain:		3770I7

Process Information:
	Process ID:		0x14a4
	Process Name:		C:\Windows\explorer.exe
Номер записи: 218258
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230808064219.062545-000
Тип события: Audit Success
Пользователь: 
====== Переменные среды ======

"ComSpec" = %SystemRoot%\system32\cmd.exe
"DriverData" = C:\Windows\System32\Drivers\DriverData
"OS" = Windows_NT
"Path" = %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
"PATHEXT" = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE" = AMD64
"PSModulePath" = %ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP" = %SystemRoot%\TEMP
"TMP" = %SystemRoot%\TEMP
"USERNAME" = SYSTEM
"windir" = %SystemRoot%
"NUMBER_OF_PROCESSORS" = 8
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION" = 3a09

-----------------EOF-----------------
