﻿info.txt - лог утилиты random's system information tool 1.17 2023-08-09 11:58:03

====== MBR ======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A7D2363F0000080202100077F39060008000000900100007F3A0607FEFFFF009801000088970A00FEFFFF27FEFFFF0020990A00E8100000FEFFFF0FFEFFFFFF0FAA0A0118251355AA

====== Список установленных программ ======

7-Zip 23.00 (x64) [2023/05/15 20:28:10]-->"C:\Program Files\7-Zip\Uninstall.exe"
ADB AppControl version 1.8.0.2 [20230611]-->"C:\Users\3770\Downloads\ADB_AppControl\unins000.exe"
Adobe Photoshop CC 2015.5 [2023/05/15 21:24:44]-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}"
Adobe Premiere Pro CC 2015.4 [2023/06/27 23:56:27]-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{38C72D42-0672-43B1-9E05-E7631684F9A2}"
AIDA64 Extreme Edition v6.88.6400 [20230515]-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme\unins000.exe"
Aml_Burn_Tool [20230522]-->"C:\Amlogic\Aml_Burn_Tool\V3\unins000.exe"
Attribute Changer 11.20 [20230715]-->"C:\Program Files\Attribute Changer\unins000.exe"
balenaEtcher 1.18.8 [2023/07/04 16:00:37]-->"C:\Users\3770\AppData\Local\Programs\balena-etcher\Uninstall balenaEtcher.exe" /currentuser
Bandicam 6.1.0 [20230803]-->"C:\Program Files (x86)\Bandicam\Uninstall.exe"
Bandicam MPEG-1 Decoder [2023/08/03 13:54:18]-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"
CPUID CPU-Z 2.05 [20230515]-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
CrystalDiskInfo 8.17.14 [20230515]-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
CrystalDiskMark 8.0.4c [20230515]-->"C:\Program Files\CrystalDiskMark8\unins000.exe"
eMule [2023/07/16 14:05:49]-->"C:\Program Files (x86)\eMule\Uninstall.exe"
Eraser 6.2.0.2993 [20230704]-->MsiExec.exe /I{82602EDA-27BE-4358-AB3A-BD09EA51A1E6}
Everything 1.4.1.1023 (x64) [2023/05/15 19:49:10]-->C:\Program Files\Everything\Uninstall.exe
f.lux [2023/06/18 22:17:21]-->"C:\Users\3770\AppData\Local\FluxSoftware\Flux\uninstall.exe"
foobar2000 v2.0 (x64) [2023/05/16 17:45:57]-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000
Free Download Manager [20230515]-->"C:\Program Files\Free Download Manager\unins000.exe"
Google Chrome [20230808]-->"C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging
HashTab 6.0.0.34 [2023/05/15 19:52:19]-->C:\Program Files\HashTab Shell Extension\uninst.exe
HD Tune Pro 5.70 [20230515]-->"C:\Program Files (x86)\HD Tune Pro\unins000.exe"
HWiNFO64 Version 7.46 [20230515]-->"C:\Program Files\HWiNFO64\unins000.exe"
Intel(R) Chipset Device Software [2023/05/15 19:44:07]-->"C:\ProgramData\Package Cache\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}\SetupChipset.exe"  /uninstall
Intel(R) Chipset Device Software [20230515]-->MsiExec.exe /I{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}
Intel(R) Graphics Driver Software [2023/05/15 19:40:05]-->"C:\ProgramData\Package Cache\{e7e9dac9-c330-48d8-9e17-d21a19dc942c}\win64_15.33.5161.exe"  /uninstall
Intel(R) Management Engine Components [2023/05/15 19:43:47]-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components [20230515]-->MsiExec.exe /I{60DC6F22-D268-44F0-8720-200033508384}
Intel(R) ME UninstallLegacy [20230515]-->MsiExec.exe /I{DF17C0DB-76D8-4A45-B26E-674F8455B803}
Intel(R) Processor Graphics [2023/05/15 19:39:59]-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\igxpin.exe" -uninstall
IrfanView 4.62 (64-bit) [2023/05/15 17:30:11]-->"C:\Program Files\IrfanView\iv_uninstall.exe"
K-Lite Mega Codec Pack 17.6.0 [20230518]-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Microsoft .NET Host - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{1A7F6299-C501-49CA-B91D-5E83ED7FB8CA}
Microsoft .NET Host FX Resolver - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{CB1B935F-234E-452D-91DA-4CBA519E9581}
Microsoft .NET Runtime - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{8BBCB5E9-5775-4465-AABC-3E276EBBD496}
Microsoft Office LTSC профессиональный плюс 2021 - ru-ru [2023/05/16 18:28:37]-->"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" scenario=install scenariosubtype=ARP sourcetype=None productstoremove=ProPlus2021Volume.16_ru-ru_x-none culture=ru-ru version.16=16.0
Microsoft Update Health Tools [20221225]-->MsiExec.exe /X{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}
Microsoft Visual C++ 2005 Redistributable (x64) [20230627]-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable [20230627]-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [20230515]-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [20230627]-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [20230515]-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [20230627]-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [20230627]-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [20230627]-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [2023/06/27 23:57:53]-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe"  /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [2023/06/27 23:57:53]-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe"  /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [20230515]-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [2023/06/27 23:57:54]-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe"  /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [2023/06/27 23:57:54]-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe"  /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [20230515]-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 [2023/08/03 15:31:37]-->"C:\ProgramData\Package Cache\{d92971ab-f030-43c8-8545-c66c818d0e05}\VC_redist.x64.exe"  /uninstall
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 [2023/08/03 15:31:37]-->"C:\ProgramData\Package Cache\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}\VC_redist.x86.exe"  /uninstall
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{080D8397-60F4-44B3-BB95-FBB950CB0B4E}
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 [20230530]-->MsiExec.exe /I{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}
Microsoft Windows Desktop Runtime - 6.0.18 (x64) [2023/06/15 09:23:57]-->"C:\ProgramData\Package Cache\{70624c55-d0e1-40a6-913e-96560feea689}\windowsdesktop-runtime-6.0.18-win-x64.exe"  /uninstall
Microsoft Windows Desktop Runtime - 6.0.18 (x64) [20230615]-->MsiExec.exe /X{81D7013F-AB4C-4DEF-8549-2AC6A3D612BB}
MiniTool Partition Wizard [20230518]-->"C:\Program Files\MiniTool Partition Wizard\unins000.exe"
Mozilla Firefox (x64 en-US) [2023/08/09 11:15:42]-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service [2023/07/22 19:52:33]-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
NCALayer v1.3 [20230623]-->"C:\Users\3770\AppData\Roaming\NCALayer\unins000.exe"
Notepad++ (64-bit x64) [2023/07/30 10:32:53]-->"C:\Program Files\Notepad++\uninstall.exe"
Office 16 Click-to-Run Extensibility Component [20230516]-->MsiExec.exe /X{90160000-008C-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Licensing Component [20230516]-->MsiExec.exe /I{90160000-007E-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Localization Component [20230515]-->MsiExec.exe /X{90160000-008C-0419-1000-0000000FF1CE}
Old Classic Calculator for Windows 11 and Windows 10 [20230517]-->"C:\Program Files\OldClassicCalc\unins000.exe"
Outline Manager 1.14.0 [2023/05/31 18:32:06]-->"C:\Users\3770\AppData\Local\Programs\outline-manager\Uninstall Outline Manager.exe" /currentuser
Paragon Hard Disk Manager™ 15 Premium [2023/05/18 13:16:51]-->"C:\ProgramData\Package Cache\{58202466-3f2e-46c0-8827-e8dce2c9c747}\HDM15Premium_x64_ru.exe"  /uninstall
Paragon Hard Disk Manager™ 15 Premium [20230518]-->MsiExec.exe /I{91E249B4-8DE1-4ECC-B50F-EA0195FA604D}
Paragon UIM [20230518]-->MsiExec.exe /I{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}
Photodex Presenter [2023/08/03 13:58:13]-->C:\Program Files (x86)\Photodex Presenter\remove.exe
PNGGauntlet [20230518]-->MsiExec.exe /X{B2D251E2-A78B-42C2-9D94-695A8CCC17E9}
Python 3.11.3 (64-bit) [2023/05/18 10:07:51]-->"C:\Users\3770\AppData\Local\Package Cache\{c6a7d2cb-61ea-4f5e-bc56-95faa938bacf}\python-3.11.3-amd64.exe"  /uninstall
Python 3.11.3 Add to Path (64-bit) [20230518]-->MsiExec.exe /I{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}
Python 3.11.3 Core Interpreter (64-bit) [20230518]-->MsiExec.exe /I{611F1238-29A9-495F-B1F4-CFFCC98D9421}
Python 3.11.3 Development Libraries (64-bit) [20230518]-->MsiExec.exe /I{D307D056-AF62-4F53-810E-052AAAF0EFB2}
Python 3.11.3 Documentation (64-bit) [20230518]-->MsiExec.exe /I{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}
Python 3.11.3 Executables (64-bit) [20230518]-->MsiExec.exe /I{A2BCB6C1-272D-437F-A5BC-92431FC521B4}
Python 3.11.3 pip Bootstrap (64-bit) [20230518]-->MsiExec.exe /I{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}
Python 3.11.3 Standard Library (64-bit) [20230518]-->MsiExec.exe /I{0D289858-69D1-4CB6-946E-659F028DDC27}
Python 3.11.3 Tcl/Tk Support (64-bit) [20230518]-->MsiExec.exe /I{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}
Python 3.11.3 Test Suite (64-bit) [20230518]-->MsiExec.exe /I{BA9ABB78-751C-4488-80A9-60E44290C060}
Python 3.11.3 Utility Scripts (64-bit) [20230518]-->MsiExec.exe /I{5BF6CA5B-E057-413A-B87A-CCD47600E465}
Python Launcher [20230518]-->MsiExec.exe /X{C41DB702-D72D-40F4-A2B3-5BAC2DCA2DF2}
qBittorrent [2023/06/20 09:19:18]-->"C:\Program Files\qBittorrent\uninst.exe"
Qcma [2023/08/06 23:31:47]-->"C:\Program Files\Qcma\uninstall.exe"
Qualcomm USB Drivers For Windows [20230527]-->MsiExec.exe /I{D9FB7F91-9687-4B09-894D-072903CADEA4}
Realtek High Definition Audio Driver [20230515]-->"C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp  -removeonly
ReNamer [20230516]-->"C:\Program Files (x86)\ReNamer\unins000.exe"
Samsung USB Driver for Mobile Phones [2023/07/03 00:54:03]-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe
SequoiaView [2023/05/18 13:06:35]-->C:\Program Files\SequoiaView\Uninstal.exe
Steam [2023/07/25 18:32:17]-->D:\Program Files (x86)\Steam\uninstall.exe
SteelSeries GG 43.0.0 [2023/08/03 15:31:51]-->C:\Program Files\SteelSeries\GG\uninst.exe
TinyPNG & TinyJPG version 2.5 [20230518]-->"C:\Windows\unins000.exe"
Unlocker [20230808]-->MsiExec.exe /I{5993C960-4E90-4A00-A2F3-D0C4020A6992}
VNC Server 7.1.0 [20230515]-->MsiExec.exe /I{CA74EBB7-4CAE-466B-9B5B-4E4D1DFC6662}
VNC Viewer 7.1.0 [20230515]-->MsiExec.exe /I{9466F787-6D59-4ED8-A376-1D14082A337C}
WinDjView 2.1 [2023/07/18 13:34:02]-->C:\Program Files\WinDjView\uninstall.exe
Windows Driver Package - leshcatlabs.net (WinUSB) AndroidUsbDeviceClass  (08/15/2015 10.0.0000.00000) [2023/05/27 21:49:32]-->C:\PROGRA~1\DIFX\D29FE547208FE130\setup.exe /u C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_2e19b2537a7d8747\android_winusb.inf
Windows Driver Package - libwdi (WinUSB) USBDevice  (04/03/2019 6.1.7600.16385) [2023/05/22 01:50:38]-->C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst64.exe /u C:\Windows\System32\DriverStore\FileRepository\android_winusb.inf_amd64_0d73b058037ef25e\android_winusb.inf
Windows Driver Package - Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) [2023/08/06 23:31:51]-->C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst64.exe /u C:\Windows\System32\DriverStore\FileRepository\ps_vita_type_b_winusb.inf_amd64_79e169d980e30cba\ps_vita_type_b_winusb.inf
WinMerge 2.16.30.0 [20230715]-->"C:\Program Files (x86)\WinMerge\unins000.exe"
WinRAR 6.11 (64-разрядная) [2022/12/25 10:33:28]-->C:\Program Files\WinRAR\uninstall.exe
Отмена установки принтера EPSON L805 Series [2023/06/23 09:07:16]-->C:\Windows\system32\spool\DRIVERS\x64\3\E_YINSPRE.EXE /R /APD /P:"EPSON L805 Series"

====== Файл Hosts ======

127.0.0.1 na1r.services.adobe.com 
127.0.0.1 hlrcv.stage.adobe.com 
127.0.0.1 lmlicenses.wip4.adobe.com 
127.0.0.1 lm.licenses.adobe.com 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 

====== Журнал событий "Система" ======

Имя компьютера: 3770PC
Код события: 10016
Сообщение: The для конкретного приложения permission settings do not grant Локально Запуск permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Недоступно
 to the user NT AUTHORITY\СИСТЕМА SID (S-1-5-18) from address LocalHost (с использованием LRPC) running in the application container Недоступно SID (Недоступно). This security permission can be modified using the Component Services administrative tool.
Номер записи: 8920
Источник: Microsoft-Windows-DistributedCOM
Время записи: 20230809055708.114691-000
Тип события: Warning
Пользователь: NT AUTHORITY\СИСТЕМА

Имя компьютера: 3770PC
Код события: 10016
Сообщение: The для конкретного приложения permission settings do not grant Локально Запуск permission for the COM Server application with CLSID 
Windows.SecurityCenter.SecurityAppBroker
 and APPID 
Недоступно
 to the user NT AUTHORITY\СИСТЕМА SID (S-1-5-18) from address LocalHost (с использованием LRPC) running in the application container Недоступно SID (Недоступно). This security permission can be modified using the Component Services administrative tool.
Номер записи: 8919
Источник: Microsoft-Windows-DistributedCOM
Время записи: 20230809055708.114691-000
Тип события: Warning
Пользователь: NT AUTHORITY\СИСТЕМА

Имя компьютера: 3770PC
Код события: 7000
Сообщение: The ClickToRunSvc service failed to start due to the following error: 
The system cannot find the file specified.
Номер записи: 8916
Источник: Service Control Manager
Время записи: 20230809055502.792018-000
Тип события: Error
Пользователь: 

Имя компьютера: 3770PC
Код события: 219
Сообщение: The driver \Driver\WudfRd failed to load for the device ROOT\PARAGONBLOCKDEVICE\0000.
Номер записи: 8890
Источник: Microsoft-Windows-Kernel-PnP
Время записи: 20230809055451.969906-000
Тип события: Warning
Пользователь: NT AUTHORITY\СИСТЕМА

Имя компьютера: 3770PC
Код события: 10010
Сообщение: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Номер записи: 8858
Источник: Microsoft-Windows-DistributedCOM
Время записи: 20230809055434.856896-000
Тип события: Error
Пользователь: 3770PC\3770
====== Журнал событий "Приложения" ======

Имя компьютера: 3770PC
Код события: 903
Сообщение: The Software Protection service has stopped.

Номер записи: 12069
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230809055556.533698-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770PC
Код события: 902
Сообщение: The Software Protection service has started.
10.0.19041.2364
Номер записи: 12067
Источник: Microsoft-Windows-Security-SPP
Время записи: 20230809055523.803808-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770PC
Код события: 258
Сообщение: The storage optimizer successfully completed дефрагментация диска on SysSSD (C:)
Номер записи: 11985
Источник: Microsoft-Windows-Defrag
Время записи: 20230808182046.799603-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770PC
Код события: 258
Сообщение: The storage optimizer successfully completed повторная оптимизация on SysSSD (C:)
Номер записи: 11984
Источник: Microsoft-Windows-Defrag
Время записи: 20230808182046.799603-000
Тип события: Information
Пользователь: 

Имя компьютера: 3770PC
Код события: 258
Сообщение: The storage optimizer successfully completed дефрагментация диска on Зарезервировано системой
Номер записи: 11978
Источник: Microsoft-Windows-Defrag
Время записи: 20230808181618.470408-000
Тип события: Information
Пользователь: 
====== Журнал событий "Безопасность" ======

Имя компьютера: 3770PC
Код события: 4672
Сообщение: Special privileges assigned to new logon.

Subject:
	Security ID:		S-1-5-18
	Account Name:		СИСТЕМА
	Account Domain:		NT AUTHORITY
	Logon ID:		0x3E7

Privileges:		SeAssignPrimaryTokenPrivilege
			SeTcbPrivilege
			SeSecurityPrivilege
			SeTakeOwnershipPrivilege
			SeLoadDriverPrivilege
			SeBackupPrivilege
			SeRestorePrivilege
			SeDebugPrivilege
			SeAuditPrivilege
			SeSystemEnvironmentPrivilege
			SeImpersonatePrivilege
			SeDelegateSessionUserImpersonatePrivilege
Номер записи: 221643
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230809055800.155464-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770PC
Код события: 4624
Сообщение: An account was successfully logged on.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770PC$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Logon Information:
	Logon Type:		5
	Restricted Admin Mode:	-
	Virtual Account:		No
	Elevated Token:		Yes

Impersonation Level:		Impersonation

New Logon:
	Security ID:		S-1-5-18
	Account Name:		СИСТЕМА
	Account Domain:		NT AUTHORITY
	Logon ID:		0x3E7
	Linked Logon ID:		0x0
	Network Account Name:	-
	Network Account Domain:	-
	Logon GUID:		{00000000-0000-0000-0000-000000000000}

Process Information:
	Process ID:		0x324
	Process Name:		C:\Windows\System32\services.exe

Network Information:
	Workstation Name:	-
	Source Network Address:	-
	Source Port:		-

Detailed Authentication Information:
	Logon Process:		Advapi  
	Authentication Package:	Negotiate
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
	- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
	- Transited services indicate which intermediate services have participated in this logon request.
	- Package name indicates which sub-protocol was used among the NTLM protocols.
	- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Номер записи: 221642
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230809055800.155457-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770PC
Код события: 4799
Сообщение: A security-enabled local group membership was enumerated.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770PC$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Group:
	Security ID:		S-1-5-32-551
	Group Name:		Операторы архива
	Group Domain:		Builtin

Process Information:
	Process ID:		0x2334
	Process Name:		C:\Windows\System32\svchost.exe
Номер записи: 221641
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230809055732.910886-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770PC
Код события: 4799
Сообщение: A security-enabled local group membership was enumerated.

Subject:
	Security ID:		S-1-5-18
	Account Name:		3770PC$
	Account Domain:		WORKGROUP
	Logon ID:		0x3E7

Group:
	Security ID:		S-1-5-32-544
	Group Name:		Администраторы
	Group Domain:		Builtin

Process Information:
	Process ID:		0x2334
	Process Name:		C:\Windows\System32\svchost.exe
Номер записи: 221640
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230809055732.908757-000
Тип события: Audit Success
Пользователь: 

Имя компьютера: 3770PC
Код события: 4672
Сообщение: Special privileges assigned to new logon.

Subject:
	Security ID:		S-1-5-18
	Account Name:		СИСТЕМА
	Account Domain:		NT AUTHORITY
	Logon ID:		0x3E7

Privileges:		SeAssignPrimaryTokenPrivilege
			SeTcbPrivilege
			SeSecurityPrivilege
			SeTakeOwnershipPrivilege
			SeLoadDriverPrivilege
			SeBackupPrivilege
			SeRestorePrivilege
			SeDebugPrivilege
			SeAuditPrivilege
			SeSystemEnvironmentPrivilege
			SeImpersonatePrivilege
			SeDelegateSessionUserImpersonatePrivilege
Номер записи: 221639
Источник: Microsoft-Windows-Security-Auditing
Время записи: 20230809055728.303815-000
Тип события: Audit Success
Пользователь: 
====== Переменные среды ======

"ComSpec" = %SystemRoot%\system32\cmd.exe
"DriverData" = C:\Windows\System32\Drivers\DriverData
"OS" = Windows_NT
"Path" = %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
"PATHEXT" = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE" = AMD64
"PSModulePath" = %ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP" = %SystemRoot%\TEMP
"TMP" = %SystemRoot%\TEMP
"USERNAME" = SYSTEM
"windir" = %SystemRoot%
"NUMBER_OF_PROCESSORS" = 8
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION" = 3a09

-----------------EOF-----------------
