Forum - DLL-files.com

Discuss about DLL files and errors related to them
https://forum.dll-files.com/

2-hour hibernate failure

https://forum.dll-files.com/viewtopic.php?t=46633

Page 1 of 4

2-hour hibernate failure

Posted: 10 Apr 2010, 13:25
by william b. lurie
This is a new thread. See old stuff for history.

Okay, John, I'm using Clone2 and have started running your
investigatory programs.

> Service Name,Start Mode
> Alerter,Disabled,
> ALG,Manual,
> AppMgmt,Manual,
> aspnet_state,Manual,
> Ati HotKey Poller,Auto,
> ATI Smart,Auto,
> AudioSrv,Auto,
> Automatic LiveUpdate Scheduler,Disabled,
> BITS,Manual,
> Browser,Auto,
> CiSvc,Manual,
> ClipSrv,Disabled,
> clr_optimization_v2.0.50727_32,Manual,
> COMSysApp,Manual,
> CryptSvc,Auto,
> DcomLaunch,Auto,
> Dhcp,Auto,
> dmadmin,Manual,
> dmserver,Manual,
> Dnscache,Auto,
> ERSvc,Manual,
> Eventlog,Manual,
> EventSystem,Manual,
> FastUserSwitchingCompatibility,Manual,
> Fax,Manual,
> FontCache3.0.0.0,Manual,
> GEARSecurity,Disabled,
> helpsvc,Auto,
> HidServ,Disabled,
> HTTPFilter,Manual,
> IDriverT,Manual,
> idsvc,Manual,
> Imapi Helper,Manual,
> ImapiService,Manual,
> lanmanserver,Auto,
> lanmanworkstation,Auto,
> LexBceS,Auto,
> LiveUpdate,Manual,
> LmHosts,Auto,
> lxct_device,Auto,
> MBAMService,Manual,
> MDM,Auto,
> Messenger,Disabled,
> mnmsrvc,Manual,
> MSIServer,Manual,
> NetDDE,Disabled,
> NetDDEdsdm,Disabled,
> Netlogon,Manual,
> Netman,Manual,
> NetTcpPortSharing,Disabled,
> Nla,Manual,
> Norton AntiVirus,Auto,
> Norton Save and Restore,Auto,
> NProtectService,Auto,
> NtLmSsp,Manual,
> NtmsSvc,Manual,
> ose,Manual,
> PlugPlay,Auto,
> PolicyAgent,Manual,
> ProtectedStorage,Auto,
> psqlWGE,Auto,
> RasAuto,Disabled,
> RasMan,Manual,
> RDSessMgr,Manual,
> RemoteAccess,Disabled,
> RpcLocator,Manual,
> RpcSs,Auto,
> RSVP,Manual,
> SamSs,Auto,
> SCardSvr,Manual,
> Schedule,Auto,
> seclogon,Auto,
> SENS,Auto,
> SharedAccess,Auto,
> ShellHWDetection,Auto,
> Speed Disk service,Auto,
> Spooler,Auto,
> srservice,Auto,
> SSDPSRV,Manual,
> stisvc,Auto,
> SwPrv,Manual,
> Symantec RemoteAssist,Manual,
> SysmonLog,Manual,
> TapiSrv,Manual,
> TermService,Auto,
> Themes,Auto,
> TrkWks,Auto,
> upnphost,Manual,
> UPS,Manual,
> Viewpoint Manager Service,Auto,
> VSS,Manual,
> W32Time,Auto,
> WebClient,Auto,
> winmgmt,Auto,
> WmdmPmSN,Manual,
> WmiApSrv,Manual,
> WMPNetworkSvc,Manual,
> wscsvc,Disabled,
> wuauserv,Auto,
> WudfSvc,Manual,
> WZCSVC,Auto,
> xmlprov,Manual,

That's one.

>
> HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
> rdpclip
> rdpclip
> RDP Clip Monitor
> Microsoft Corporation
> 5.1.2600.2180
> c:\windows\system32\rdpclip.exe
> ab978e64b3cb5b78842bc2bdae19d0cd (MD5)
> db49bb6158d12ea7dc9b28ef2ee857edb6015138 (SHA-1)
>
> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
> C:\WINDOWS\system32\userinit.exe
> C:\WINDOWS\system32\userinit.exe
> Userinit Logon Application
> Microsoft Corporation
> 5.1.2600.2180
> c:\windows\system32\userinit.exe
> 39b1ffb03c2296323832acbae50d2aff (MD5)
> e5aedcbe25a97c89101f1f3860ff846e94d70445 (SHA-1)
>
> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
> Explorer.exe
> Explorer.exe
> Windows Explorer
> Microsoft Corporation
> 6.0.2900.3156
> c:\windows\explorer.exe
> 97bd6515465659ff8f3b7be375b2ea87 (MD5)
> 972307a3ef93680afdd03603df20f2241047a934 (SHA-1)
>
> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
> Recguard
> C:\WINDOWS\SMINST\RECGUARD.EXE
> Recguard Application
> 6.0.54.0
> c:\windows\sminst\recguard.exe
> f3eaea279f09a7779c18793c87640794 (MD5)
> 142d5cc0e87bcbfd8d23ef12956a3ecef0208006 (SHA-1)
> LXSUPMON
> C:\WINDOWS\system32\LXSUPMON.EXE RUN
> Supplies Monitor
> Lexmark International Inc.
> 3.0.105.1
> c:\windows\system32\lxsupmon.exe
> bdbd516e37761ed51e602a54873d24cd (MD5)
> 648754b111c8d14ad6b028020534836286800796 (SHA-1)
> HPBootOp
> "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
> HP Boot Optimizer
> Hewlett-Packard Company
> 3.0.0.0
> c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe
> a789b145f17fa5c2326907f4872fe173 (MD5)
> f04982c1c82b75b38e5da0ef838b6b2e753b3e6c (SHA-1)
> NSWosCheck
> "C:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe"
> osCheck
> Symantec Corporation
> 12.0.0.52
> c:\program files\norton systemworks premier edition\oscheck.exe
> b9d7e074e0ee39ca1b6101ce0d7d8cc0 (MD5)
> c38060885884970d123d9aac58633309c91f5289 (SHA-1)
> TkBellExe
> "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
> RealNetworks Scheduler
> RealNetworks, Inc.
> 0.1.0.4043
> c:\program files\common files\real\update_ob\realsched.exe
> 28525d80ea1d33cf60b8ac318a5f1c82 (MD5)
> d66a9b76f6982d905029492310a3b3b6f111f2cb (SHA-1)
> SMSI Loader
> C:\Program Files\Common Files\Smith Micro Shared\Fax\SMLoader.exe /PRNDRV
> SMSI Loader
> Smith Micro Software, Inc.
> 1.4.0.0
> c:\program files\common files\smith micro shared\fax\smloader.exe
> e8187ccc1ea4575584cd22b2ae0b29fa (MD5)
> 3f1d727057f1978fe0e65444ce0edfa3e70da45d (SHA-1)
> NswUiTray
> C:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
> Norton SystemWorks System Tray Module
> Symantec Corporation
> 12.0.0.52
> c:\program files\norton systemworks premier edition\nswuitray.exe
> 342b0d08fdf4ddaa5ac01aec50f95d77 (MD5)
> 330e1c7495aa61e65d606acb8d7f00c87e582225 (SHA-1)
> Norton Save and Restore 2.0
> "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
> Tray Application
> Symantec Corporation
> 2.0.7.29210
> c:\program files\norton save and restore\agent\vprotray.exe
> 3ccbdad4dbc7f1feda9454a4f5f32526 (MD5)
> 5e9b559597c300ed28a4157e267fafbe3e546fb2 (SHA-1)
> KernelFaultCheck
> %systemroot%\system32\dumprep 0 -k
> Windows Error Reporting Dump Reporting Tool
> Microsoft Corporation
> 5.1.2600.2180
> c:\windows\system32\dumprep.exe
> 13922eb54890c77005268882629a31fe (MD5)
> 0504e67f338bfe08a1a694dea598fecc603e6695 (SHA-1)
> MSConfig
> C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
> System Configuration Utility
> Microsoft Corporation
> 5.1.2600.2764
> c:\windows\pchealth\helpctr\binaries\msconfig.exe
> 3c60aefa68efa2c4d13ab6b68fe82b81 (MD5)
> abdb5d622a86473732671f5d5d2d7ba458af656e (SHA-1)
> lxctmon.exe
> "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
> Device Monitor
> 0.1.25.0
> c:\program files\lexmark 5400 series\lxctmon.exe
> 623f89715522b2f4e14a1a21d4fc272a (MD5)
> 83caaed7b3c6c9698bdb8964eda44acbfbc48b4e (SHA-1)
> Lexmark 5400 Series Fax Server
> "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
> Fax Man Server
> 0.1.4.1
> c:\program files\lexmark 5400 series\fm3032.exe
> 6c9fb7a576813630c7f0ac9244c5b5d6 (MD5)
> 7fd7485f93cd0bfc0904dbb5f260f3c54b1cbc63 (SHA-1)
> EzPrint
> "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
> Lexmark Fast Pics Application
> Lexmark International Inc.
> 2.0.40.0
> c:\program files\lexmark 5400 series\ezprint.exe
> 404f68eaa178e29d2a96121a5184bc70 (MD5)
> b8a6345ce3672c988d93700e235d8d6965f36072 (SHA-1)
> LXCTCATS
> rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
> Lexmark Connect Timer DLL
> Lexmark International Inc.
> 1.20.0.0
> c:\windows\system32\spool\drivers\w32x86\3\lxcttime.dll
> e9b2e1938b478881a0ce79b6bb9ac31c (MD5)
> 56d5749513073983c7bfb2fe1cabc88fc73a6726 (SHA-1)
> Adobe Reader Speed Launcher
> "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
> Adobe Acrobat SpeedLauncher
> Adobe Systems Incorporated
> 9.3.0.148
> c:\program files\adobe\reader 9.0\reader\reader_sl.exe
> 466ce40eaa865752f4930a472563e4e1 (MD5)
> e2f61f354d97b75638da96efa73309cf837e8b7a (SHA-1)
> Adobe ARM
> "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
> Adobe Reader and Acrobat Manager
> Adobe Systems Incorporated
> 1.1.5.0
> c:\program files\common files\adobe\arm\1.0\adobearm.exe
> 73bb442a717b9bb0097c243374c14a3e (MD5)
> a8624bdf847a13ff5eaf9fea5302ca5f181ae9dc (SHA-1)
> RTHDCPL
> RTHDCPL.EXE
> Realtek HD Audio Control Panel
> Realtek Semiconductor Corp.
> 2.2.6.2
> c:\windows\rthdcpl.exe
> b5dbe74457d015ec8d4f2cd43d52906d (MD5)
> f949ae47a20745d705cfc697e99cf2943ba87fae (SHA-1)
> Alcmtr
> ALCMTR.EXE
> Realtek Azalia Audio - Event Monitor
> Realtek Semiconductor Corp.
> 1.6.0.3
> c:\windows\alcmtr.exe
> ea31039e691c6f8f5469649526eea5fb (MD5)
> 529f2e778b0a17377e93c19caa05f8a87138ffcd (SHA-1)
> ISUSPM Startup
> C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
> InstallShield Update Service Update Manager
> InstallShield Software Corporation
> 3.10.100.1155
> c:\program files\common files\installshield\updateservice\isuspm.exe
> fb9e5c251cf6c37749f296bacb34a69b (MD5)
> 726df7171d5f28f922d6a258cdb6b0c18a257c91 (SHA-1)
> QuickTime Task
> "C:\Program Files\QuickTime\QTTask.exe" -atboottime
> QuickTime Task
> Apple Inc.
> 7.6.5.0
> c:\program files\quicktime\qttask.exe
> 55d7a219ad8d0db8980528944152a6fd (MD5)
> 8d1ac5c5424b24a2f79f91fb67aa4107ed766444 (SHA-1)
>
> HKCU\Software\Microsoft\Windows\CurrentVersion\Run
> ctfmon.exe
> C:\windows\system32\ctfmon.exe
> CTF Loader
> Microsoft Corporation
> 5.1.2600.2180
> c:\windows\system32\ctfmon.exe
> 24232996a38c0b0cf151c2140ae29fc8 (MD5)
> b36d03b56a30187ffc6257459d632a4faac48af2 (SHA-1)
> Gadwin PrintScreen
> C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
> Gadwin PrintScreen
> Gadwin Systems, Inc
> 4.3.0.0
> c:\program files\gadwin systems\printscreen\printscreen.exe
> 270a7537f750ee66ee41be987cbc0146 (MD5)
> 5ce9246b7a4808cde629318d46e70e4829b67e00 (SHA-1)

And there's the other. I'm running the Clone now as a fully operational
system, online, with AV protection. If and when you ask me to make
any changes and tests that might be affected, I can pull the phone plug.

Re: 2-hour hibernate failure

Posted: 10 Apr 2010, 15:30
by william b. lurie
John John - MVP wrote:
> William B. Lurie wrote:
>> This is a new thread. See old stuff for history.
>>
>> Okay, John, I'm using Clone2 and have started running your
>> investigatory programs.
>>
>>> Service Name,Start Mode
>>> Alerter,Disabled,
>>> ALG,Manual,
>>> AppMgmt,Manual,
>>> aspnet_state,Manual,
>>> Ati HotKey Poller,Auto,
>>> ATI Smart,Auto,
>>> AudioSrv,Auto,
>>> Automatic LiveUpdate Scheduler,Disabled,
>>> BITS,Manual,
>>> Browser,Auto,
>>> CiSvc,Manual,
>>> ClipSrv,Disabled,
>>> clr_optimization_v2.0.50727_32,Manual,
>>> COMSysApp,Manual,
>>> CryptSvc,Auto,
>>> DcomLaunch,Auto,
>>> Dhcp,Auto,
>>> dmadmin,Manual,
>>> dmserver,Manual,
>>> Dnscache,Auto,
>>> ERSvc,Manual,
>>> Eventlog,Manual,
>>> EventSystem,Manual,
>>> FastUserSwitchingCompatibility,Manual,
>>> Fax,Manual,
>>> FontCache3.0.0.0,Manual,
>>> GEARSecurity,Disabled,
>>> helpsvc,Auto,
>>> HidServ,Disabled,
>>> HTTPFilter,Manual,
>>> IDriverT,Manual,
>>> idsvc,Manual,
>>> Imapi Helper,Manual,
>>> ImapiService,Manual,
>>> lanmanserver,Auto,
>>> lanmanworkstation,Auto,
>>> LexBceS,Auto,
>>> LiveUpdate,Manual,
>>> LmHosts,Auto,
>>> lxct_device,Auto,
>>> MBAMService,Manual,
>>> MDM,Auto,
>>> Messenger,Disabled,
>>> mnmsrvc,Manual,
>>> MSIServer,Manual,
>>> NetDDE,Disabled,
>>> NetDDEdsdm,Disabled,
>>> Netlogon,Manual,
>>> Netman,Manual,
>>> NetTcpPortSharing,Disabled,
>>> Nla,Manual,
>>> Norton AntiVirus,Auto,
>>> Norton Save and Restore,Auto,
>>> NProtectService,Auto,
>>> NtLmSsp,Manual,
>>> NtmsSvc,Manual,
>>> ose,Manual,
>>> PlugPlay,Auto,
>>> PolicyAgent,Manual,
>>> ProtectedStorage,Auto,
>>> psqlWGE,Auto,
>>> RasAuto,Disabled,
>>> RasMan,Manual,
>>> RDSessMgr,Manual,
>>> RemoteAccess,Disabled,
>>> RpcLocator,Manual,
>>> RpcSs,Auto,
>>> RSVP,Manual,
>>> SamSs,Auto,
>>> SCardSvr,Manual,
>>> Schedule,Auto,
>>> seclogon,Auto,
>>> SENS,Auto,
>>> SharedAccess,Auto,
>>> ShellHWDetection,Auto,
>>> Speed Disk service,Auto,
>>> Spooler,Auto,
>>> srservice,Auto,
>>> SSDPSRV,Manual,
>>> stisvc,Auto,
>>> SwPrv,Manual,
>>> Symantec RemoteAssist,Manual,
>>> SysmonLog,Manual,
>>> TapiSrv,Manual,
>>> TermService,Auto,
>>> Themes,Auto,
>>> TrkWks,Auto,
>>> upnphost,Manual,
>>> UPS,Manual,
>>> Viewpoint Manager Service,Auto,
>>> VSS,Manual,
>>> W32Time,Auto,
>>> WebClient,Auto,
>>> winmgmt,Auto,
>>> WmdmPmSN,Manual,
>>> WmiApSrv,Manual,
>>> WMPNetworkSvc,Manual,
>>> wscsvc,Disabled,
>>> wuauserv,Auto,
>>> WudfSvc,Manual,
>>> WZCSVC,Auto,
>>> xmlprov,Manual,
>>
>> That's one.
>>
>>>
>>> HKLM\System\CurrentControlSet\Control\Terminal
>>> Server\Wds\rdpwd\StartupPrograms
>>> rdpclip
>>> rdpclip
>>> RDP Clip Monitor
>>> Microsoft Corporation
>>> 5.1.2600.2180
>>> c:\windows\system32\rdpclip.exe
>>> ab978e64b3cb5b78842bc2bdae19d0cd (MD5)
>>> db49bb6158d12ea7dc9b28ef2ee857edb6015138 (SHA-1)
>>>
>>> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
>>> C:\WINDOWS\system32\userinit.exe
>>> C:\WINDOWS\system32\userinit.exe
>>> Userinit Logon Application
>>> Microsoft Corporation
>>> 5.1.2600.2180
>>> c:\windows\system32\userinit.exe
>>> 39b1ffb03c2296323832acbae50d2aff (MD5)
>>> e5aedcbe25a97c89101f1f3860ff846e94d70445 (SHA-1)
>>>
>>> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
>>> Explorer.exe
>>> Explorer.exe
>>> Windows Explorer
>>> Microsoft Corporation
>>> 6.0.2900.3156
>>> c:\windows\explorer.exe
>>> 97bd6515465659ff8f3b7be375b2ea87 (MD5)
>>> 972307a3ef93680afdd03603df20f2241047a934 (SHA-1)
>>>
>>> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
>>> Recguard
>>> C:\WINDOWS\SMINST\RECGUARD.EXE
>>> Recguard Application
>>> 6.0.54.0
>>> c:\windows\sminst\recguard.exe
>>> f3eaea279f09a7779c18793c87640794 (MD5)
>>> 142d5cc0e87bcbfd8d23ef12956a3ecef0208006 (SHA-1)
>>> LXSUPMON
>>> C:\WINDOWS\system32\LXSUPMON.EXE RUN
>>> Supplies Monitor
>>> Lexmark International Inc.
>>> 3.0.105.1
>>> c:\windows\system32\lxsupmon.exe
>>> bdbd516e37761ed51e602a54873d24cd (MD5)
>>> 648754b111c8d14ad6b028020534836286800796 (SHA-1)
>>> HPBootOp
>>> "C:\Program Files\Hewlett-Packard\HP Boot
>>> Optimizer\HPBootOp.exe" /run
>>> HP Boot Optimizer
>>> Hewlett-Packard Company
>>> 3.0.0.0
>>> c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe
>>> a789b145f17fa5c2326907f4872fe173 (MD5)
>>> f04982c1c82b75b38e5da0ef838b6b2e753b3e6c (SHA-1)
>>> NSWosCheck
>>> "C:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe"
>>> osCheck
>>> Symantec Corporation
>>> 12.0.0.52
>>> c:\program files\norton systemworks premier edition\oscheck.exe
>>> b9d7e074e0ee39ca1b6101ce0d7d8cc0 (MD5)
>>> c38060885884970d123d9aac58633309c91f5289 (SHA-1)
>>> TkBellExe
>>> "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
>>> -osboot
>>> RealNetworks Scheduler
>>> RealNetworks, Inc.
>>> 0.1.0.4043
>>> c:\program files\common files\real\update_ob\realsched.exe
>>> 28525d80ea1d33cf60b8ac318a5f1c82 (MD5)
>>> d66a9b76f6982d905029492310a3b3b6f111f2cb (SHA-1)
>>> SMSI Loader
>>> C:\Program Files\Common Files\Smith Micro
>>> Shared\Fax\SMLoader.exe /PRNDRV
>>> SMSI Loader
>>> Smith Micro Software, Inc.
>>> 1.4.0.0
>>> c:\program files\common files\smith micro shared\fax\smloader.exe
>>> e8187ccc1ea4575584cd22b2ae0b29fa (MD5)
>>> 3f1d727057f1978fe0e65444ce0edfa3e70da45d (SHA-1)
>>> NswUiTray
>>> C:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
>>> Norton SystemWorks System Tray Module
>>> Symantec Corporation
>>> 12.0.0.52
>>> c:\program files\norton systemworks premier edition\nswuitray.exe
>>> 342b0d08fdf4ddaa5ac01aec50f95d77 (MD5)
>>> 330e1c7495aa61e65d606acb8d7f00c87e582225 (SHA-1)
>>> Norton Save and Restore 2.0
>>> "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
>>> Tray Application
>>> Symantec Corporation
>>> 2.0.7.29210
>>> c:\program files\norton save and restore\agent\vprotray.exe
>>> 3ccbdad4dbc7f1feda9454a4f5f32526 (MD5)
>>> 5e9b559597c300ed28a4157e267fafbe3e546fb2 (SHA-1)
>>> KernelFaultCheck
>>> %systemroot%\system32\dumprep 0 -k
>>> Windows Error Reporting Dump Reporting Tool
>>> Microsoft Corporation
>>> 5.1.2600.2180
>>> c:\windows\system32\dumprep.exe
>>> 13922eb54890c77005268882629a31fe (MD5)
>>> 0504e67f338bfe08a1a694dea598fecc603e6695 (SHA-1)
>>> MSConfig
>>> C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
>>> System Configuration Utility
>>> Microsoft Corporation
>>> 5.1.2600.2764
>>> c:\windows\pchealth\helpctr\binaries\msconfig.exe
>>> 3c60aefa68efa2c4d13ab6b68fe82b81 (MD5)
>>> abdb5d622a86473732671f5d5d2d7ba458af656e (SHA-1)
>>> lxctmon.exe
>>> "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
>>> Device Monitor
>>> 0.1.25.0
>>> c:\program files\lexmark 5400 series\lxctmon.exe
>>> 623f89715522b2f4e14a1a21d4fc272a (MD5)
>>> 83caaed7b3c6c9698bdb8964eda44acbfbc48b4e (SHA-1)
>>> Lexmark 5400 Series Fax Server
>>> "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
>>> Fax Man Server
>>> 0.1.4.1
>>> c:\program files\lexmark 5400 series\fm3032.exe
>>> 6c9fb7a576813630c7f0ac9244c5b5d6 (MD5)
>>> 7fd7485f93cd0bfc0904dbb5f260f3c54b1cbc63 (SHA-1)
>>> EzPrint
>>> "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
>>> Lexmark Fast Pics Application
>>> Lexmark International Inc.
>>> 2.0.40.0
>>> c:\program files\lexmark 5400 series\ezprint.exe
>>> 404f68eaa178e29d2a96121a5184bc70 (MD5)
>>> b8a6345ce3672c988d93700e235d8d6965f36072 (SHA-1)
>>> LXCTCATS
>>> rundll32
>>> C:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
>>> Lexmark Connect Timer DLL
>>> Lexmark International Inc.
>>> 1.20.0.0
>>> c:\windows\system32\spool\drivers\w32x86\3\lxcttime.dll
>>> e9b2e1938b478881a0ce79b6bb9ac31c (MD5)
>>> 56d5749513073983c7bfb2fe1cabc88fc73a6726 (SHA-1)
>>> Adobe Reader Speed Launcher
>>> "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>> Adobe Acrobat SpeedLauncher
>>> Adobe Systems Incorporated
>>> 9.3.0.148
>>> c:\program files\adobe\reader 9.0\reader\reader_sl.exe
>>> 466ce40eaa865752f4930a472563e4e1 (MD5)
>>> e2f61f354d97b75638da96efa73309cf837e8b7a (SHA-1)
>>> Adobe ARM
>>> "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
>>> Adobe Reader and Acrobat Manager
>>> Adobe Systems Incorporated
>>> 1.1.5.0
>>> c:\program files\common files\adobe\arm\1.0\adobearm.exe
>>> 73bb442a717b9bb0097c243374c14a3e (MD5)
>>> a8624bdf847a13ff5eaf9fea5302ca5f181ae9dc (SHA-1)
>>> RTHDCPL
>>> RTHDCPL.EXE
>>> Realtek HD Audio Control Panel
>>> Realtek Semiconductor Corp.
>>> 2.2.6.2
>>> c:\windows\rthdcpl.exe
>>> b5dbe74457d015ec8d4f2cd43d52906d (MD5)
>>> f949ae47a20745d705cfc697e99cf2943ba87fae (SHA-1)
>>> Alcmtr
>>> ALCMTR.EXE
>>> Realtek Azalia Audio - Event Monitor
>>> Realtek Semiconductor Corp.
>>> 1.6.0.3
>>> c:\windows\alcmtr.exe
>>> ea31039e691c6f8f5469649526eea5fb (MD5)
>>> 529f2e778b0a17377e93c19caa05f8a87138ffcd (SHA-1)
>>> ISUSPM Startup
>>> C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
>>> InstallShield Update Service Update Manager
>>> InstallShield Software Corporation
>>> 3.10.100.1155
>>> c:\program files\common
>>> files\installshield\updateservice\isuspm.exe
>>> fb9e5c251cf6c37749f296bacb34a69b (MD5)
>>> 726df7171d5f28f922d6a258cdb6b0c18a257c91 (SHA-1)
>>> QuickTime Task
>>> "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>> QuickTime Task
>>> Apple Inc.
>>> 7.6.5.0
>>> c:\program files\quicktime\qttask.exe
>>> 55d7a219ad8d0db8980528944152a6fd (MD5)
>>> 8d1ac5c5424b24a2f79f91fb67aa4107ed766444 (SHA-1)
>>>
>>> HKCU\Software\Microsoft\Windows\CurrentVersion\Run
>>> ctfmon.exe
>>> C:\windows\system32\ctfmon.exe
>>> CTF Loader
>>> Microsoft Corporation
>>> 5.1.2600.2180
>>> c:\windows\system32\ctfmon.exe
>>> 24232996a38c0b0cf151c2140ae29fc8 (MD5)
>>> b36d03b56a30187ffc6257459d632a4faac48af2 (SHA-1)
>>> Gadwin PrintScreen
>>> C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
>>> /nosplash
>>> Gadwin PrintScreen
>>> Gadwin Systems, Inc
>>> 4.3.0.0
>>> c:\program files\gadwin systems\printscreen\printscreen.exe
>>> 270a7537f750ee66ee41be987cbc0146 (MD5)
>>> 5ce9246b7a4808cde629318d46e70e4829b67e00 (SHA-1)
>>
>> And there's the other. I'm running the Clone now as a fully
>> operational system, online, with AV protection.
>
> Is Norton providing firewall protection?
>
> Also, please provide the results of the "net start" and "tasklist /svc"
> commands.
>
> John
Norton firewall? I really don't know, John. I know I
have Windows Firewall on..... I'll check and advise.
Now you asked for:

These Windows services are started:

Application Layer Gateway Service
Ati HotKey Poller
Automatic Updates
Background Intelligent Transfer Service
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
Event Log
Fast User Switching Compatibility
Help and Support
LexBce Server
lxct_device
Machine Debug Manager
Network Connections
Network Location Awareness (NLA)
Norton AntiVirus
Norton Save and Restore
Norton UnErase Protection
Pervasive PSQL Workgroup Engine
Plug and Play
Print Spooler
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Server
Shell Hardware Detection
Speed Disk service
SSDP Discovery Service
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
Viewpoint Manager Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.


Image Name PID Services

========================= ======
=============================================
System Idle Process 0 N/A

System 4 N/A

smss.exe 1200 N/A

csrss.exe 1280 N/A

winlogon.exe 1312 N/A

services.exe 1356 Eventlog, PlugPlay

lsass.exe 1368 ProtectedStorage, SamSs

ati2evxx.exe 1528 Ati HotKey Poller

svchost.exe 1548 DcomLaunch, TermService

svchost.exe 1672 RpcSs

svchost.exe 1840 AudioSrv, BITS, CryptSvc, Dhcp,
EventSystem,
FastUserSwitchingCompatibility,
helpsvc,
lanmanserver, lanmanworkstation,
Netman,
Nla, RasMan, Schedule, seclogon, SENS,

SharedAccess, ShellHWDetection,
TapiSrv,
Themes, TrkWks, W32Time, winmgmt,
wuauserv,
WZCSVC

svchost.exe 1916 Dnscache

ati2evxx.exe 204 N/A

svchost.exe 240 LmHosts, SSDPSRV

explorer.exe 696 N/A

LEXBCES.EXE 772 LexBceS

spoolsv.exe 824 Spooler

LEXPPS.EXE 860 N/A

svchost.exe 1068 WebClient

lxctcoms.exe 1216 lxct_device

LXSUPMON.EXE 1444 N/A

MDM.EXE 1576 MDM

realsched.exe 1824 N/A

SMLoader.exe 1832 N/A

NswUiTray.exe 1864 N/A

VProTray.exe 1892 N/A

lxctmon.exe 1972 N/A

ccSvcHst.exe 1980 Norton AntiVirus

ezprint.exe 2024 N/A

RTHDCPL.EXE 156 N/A

VProSvc.exe 292 Norton Save and Restore

ctfmon.exe 596 N/A

PrintScreen.exe 584 N/A

NPROTECT.EXE 1640 NProtectService

w3dbsmgr.exe 1936 psqlWGE

NOPDB.exe 2352 Speed Disk service

svchost.exe 2392 stisvc

ViewpointService.exe 2492 Viewpoint Manager Service

ccSvcHst.exe 3464 N/A

alg.exe 3952 ALG

hpsysdrv.exe 1332 N/A

issch.exe 992 N/A

thunderbird.exe 3680 N/A

cmd.exe 448 N/A

tasklist.exe 540 N/A

wmiprvse.exe 728 N/A

Re: 2-hour hibernate failure

Posted: 10 Apr 2010, 15:30
by william b. lurie
John John - MVP wrote:
(snip)>
> Is Norton providing firewall protection?

The answer is *no*, John. They say they don't have
one so that each user can use a Firewall of his choice.
>
Bill

Re: 2-hour hibernate failure

Posted: 10 Apr 2010, 20:15
by william b. lurie
John John - MVP wrote:
> William B. Lurie wrote:
>> John John - MVP wrote:
>>> William B. Lurie wrote:
>>>> This is a new thread. See old stuff for history.
>>>>
>>>> Okay, John, I'm using Clone2 and have started running your
>>>> investigatory programs.
>>>>
>>>>> Service Name,Start Mode
>>>>> Alerter,Disabled,
>>>>> ALG,Manual,
>>>>> AppMgmt,Manual,
>>>>> aspnet_state,Manual,
>>>>> Ati HotKey Poller,Auto,
>>>>> ATI Smart,Auto,
>>>>> AudioSrv,Auto,
>>>>> Automatic LiveUpdate Scheduler,Disabled,
>>>>> BITS,Manual,
>>>>> Browser,Auto,
>>>>> CiSvc,Manual,
>>>>> ClipSrv,Disabled,
>>>>> clr_optimization_v2.0.50727_32,Manual,
>>>>> COMSysApp,Manual,
>>>>> CryptSvc,Auto,
>>>>> DcomLaunch,Auto,
>>>>> Dhcp,Auto,
>>>>> dmadmin,Manual,
>>>>> dmserver,Manual,
>>>>> Dnscache,Auto,
>>>>> ERSvc,Manual,
>>>>> Eventlog,Manual,
>>>>> EventSystem,Manual,
>>>>> FastUserSwitchingCompatibility,Manual,
>>>>> Fax,Manual,
>>>>> FontCache3.0.0.0,Manual,
>>>>> GEARSecurity,Disabled,
>>>>> helpsvc,Auto,
>>>>> HidServ,Disabled,
>>>>> HTTPFilter,Manual,
>>>>> IDriverT,Manual,
>>>>> idsvc,Manual,
>>>>> Imapi Helper,Manual,
>>>>> ImapiService,Manual,
>>>>> lanmanserver,Auto,
>>>>> lanmanworkstation,Auto,
>>>>> LexBceS,Auto,
>>>>> LiveUpdate,Manual,
>>>>> LmHosts,Auto,
>>>>> lxct_device,Auto,
>>>>> MBAMService,Manual,
>>>>> MDM,Auto,
>>>>> Messenger,Disabled,
>>>>> mnmsrvc,Manual,
>>>>> MSIServer,Manual,
>>>>> NetDDE,Disabled,
>>>>> NetDDEdsdm,Disabled,
>>>>> Netlogon,Manual,
>>>>> Netman,Manual,
>>>>> NetTcpPortSharing,Disabled,
>>>>> Nla,Manual,
>>>>> Norton AntiVirus,Auto,
>>>>> Norton Save and Restore,Auto,
>>>>> NProtectService,Auto,
>>>>> NtLmSsp,Manual,
>>>>> NtmsSvc,Manual,
>>>>> ose,Manual,
>>>>> PlugPlay,Auto,
>>>>> PolicyAgent,Manual,
>>>>> ProtectedStorage,Auto,
>>>>> psqlWGE,Auto,
>>>>> RasAuto,Disabled,
>>>>> RasMan,Manual,
>>>>> RDSessMgr,Manual,
>>>>> RemoteAccess,Disabled,
>>>>> RpcLocator,Manual,
>>>>> RpcSs,Auto,
>>>>> RSVP,Manual,
>>>>> SamSs,Auto,
>>>>> SCardSvr,Manual,
>>>>> Schedule,Auto,
>>>>> seclogon,Auto,
>>>>> SENS,Auto,
>>>>> SharedAccess,Auto,
>>>>> ShellHWDetection,Auto,
>>>>> Speed Disk service,Auto,
>>>>> Spooler,Auto,
>>>>> srservice,Auto,
>>>>> SSDPSRV,Manual,
>>>>> stisvc,Auto,
>>>>> SwPrv,Manual,
>>>>> Symantec RemoteAssist,Manual,
>>>>> SysmonLog,Manual,
>>>>> TapiSrv,Manual,
>>>>> TermService,Auto,
>>>>> Themes,Auto,
>>>>> TrkWks,Auto,
>>>>> upnphost,Manual,
>>>>> UPS,Manual,
>>>>> Viewpoint Manager Service,Auto,
>>>>> VSS,Manual,
>>>>> W32Time,Auto,
>>>>> WebClient,Auto,
>>>>> winmgmt,Auto,
>>>>> WmdmPmSN,Manual,
>>>>> WmiApSrv,Manual,
>>>>> WMPNetworkSvc,Manual,
>>>>> wscsvc,Disabled,
>>>>> wuauserv,Auto,
>>>>> WudfSvc,Manual,
>>>>> WZCSVC,Auto,
>>>>> xmlprov,Manual,
>>>>
>>>> That's one.
>>>>
>>>>>
>>>>> HKLM\System\CurrentControlSet\Control\Terminal
>>>>> Server\Wds\rdpwd\StartupPrograms
>>>>> rdpclip
>>>>> rdpclip
>>>>> RDP Clip Monitor
>>>>> Microsoft Corporation
>>>>> 5.1.2600.2180
>>>>> c:\windows\system32\rdpclip.exe
>>>>> ab978e64b3cb5b78842bc2bdae19d0cd (MD5)
>>>>> db49bb6158d12ea7dc9b28ef2ee857edb6015138 (SHA-1)
>>>>>
>>>>> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
>>>>> C:\WINDOWS\system32\userinit.exe
>>>>> C:\WINDOWS\system32\userinit.exe
>>>>> Userinit Logon Application
>>>>> Microsoft Corporation
>>>>> 5.1.2600.2180
>>>>> c:\windows\system32\userinit.exe
>>>>> 39b1ffb03c2296323832acbae50d2aff (MD5)
>>>>> e5aedcbe25a97c89101f1f3860ff846e94d70445 (SHA-1)
>>>>>
>>>>> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
>>>>> Explorer.exe
>>>>> Explorer.exe
>>>>> Windows Explorer
>>>>> Microsoft Corporation
>>>>> 6.0.2900.3156
>>>>> c:\windows\explorer.exe
>>>>> 97bd6515465659ff8f3b7be375b2ea87 (MD5)
>>>>> 972307a3ef93680afdd03603df20f2241047a934 (SHA-1)
>>>>>
>>>>> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
>>>>> Recguard
>>>>> C:\WINDOWS\SMINST\RECGUARD.EXE
>>>>> Recguard Application
>>>>> 6.0.54.0
>>>>> c:\windows\sminst\recguard.exe
>>>>> f3eaea279f09a7779c18793c87640794 (MD5)
>>>>> 142d5cc0e87bcbfd8d23ef12956a3ecef0208006 (SHA-1)
>>>>> LXSUPMON
>>>>> C:\WINDOWS\system32\LXSUPMON.EXE RUN
>>>>> Supplies Monitor
>>>>> Lexmark International Inc.
>>>>> 3.0.105.1
>>>>> c:\windows\system32\lxsupmon.exe
>>>>> bdbd516e37761ed51e602a54873d24cd (MD5)
>>>>> 648754b111c8d14ad6b028020534836286800796 (SHA-1)
>>>>> HPBootOp
>>>>> "C:\Program Files\Hewlett-Packard\HP Boot
>>>>> Optimizer\HPBootOp.exe" /run
>>>>> HP Boot Optimizer
>>>>> Hewlett-Packard Company
>>>>> 3.0.0.0
>>>>> c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe
>>>>> a789b145f17fa5c2326907f4872fe173 (MD5)
>>>>> f04982c1c82b75b38e5da0ef838b6b2e753b3e6c (SHA-1)
>>>>> NSWosCheck
>>>>> "C:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe"
>>>>> osCheck
>>>>> Symantec Corporation
>>>>> 12.0.0.52
>>>>> c:\program files\norton systemworks premier edition\oscheck.exe
>>>>> b9d7e074e0ee39ca1b6101ce0d7d8cc0 (MD5)
>>>>> c38060885884970d123d9aac58633309c91f5289 (SHA-1)
>>>>> TkBellExe
>>>>> "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"
>>>>> -osboot
>>>>> RealNetworks Scheduler
>>>>> RealNetworks, Inc.
>>>>> 0.1.0.4043
>>>>> c:\program files\common files\real\update_ob\realsched.exe
>>>>> 28525d80ea1d33cf60b8ac318a5f1c82 (MD5)
>>>>> d66a9b76f6982d905029492310a3b3b6f111f2cb (SHA-1)
>>>>> SMSI Loader
>>>>> C:\Program Files\Common Files\Smith Micro
>>>>> Shared\Fax\SMLoader.exe /PRNDRV
>>>>> SMSI Loader
>>>>> Smith Micro Software, Inc.
>>>>> 1.4.0.0
>>>>> c:\program files\common files\smith micro shared\fax\smloader.exe
>>>>> e8187ccc1ea4575584cd22b2ae0b29fa (MD5)
>>>>> 3f1d727057f1978fe0e65444ce0edfa3e70da45d (SHA-1)
>>>>> NswUiTray
>>>>> C:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
>>>>> Norton SystemWorks System Tray Module
>>>>> Symantec Corporation
>>>>> 12.0.0.52
>>>>> c:\program files\norton systemworks premier edition\nswuitray.exe
>>>>> 342b0d08fdf4ddaa5ac01aec50f95d77 (MD5)
>>>>> 330e1c7495aa61e65d606acb8d7f00c87e582225 (SHA-1)
>>>>> Norton Save and Restore 2.0
>>>>> "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
>>>>> Tray Application
>>>>> Symantec Corporation
>>>>> 2.0.7.29210
>>>>> c:\program files\norton save and restore\agent\vprotray.exe
>>>>> 3ccbdad4dbc7f1feda9454a4f5f32526 (MD5)
>>>>> 5e9b559597c300ed28a4157e267fafbe3e546fb2 (SHA-1)
>>>>> KernelFaultCheck
>>>>> %systemroot%\system32\dumprep 0 -k
>>>>> Windows Error Reporting Dump Reporting Tool
>>>>> Microsoft Corporation
>>>>> 5.1.2600.2180
>>>>> c:\windows\system32\dumprep.exe
>>>>> 13922eb54890c77005268882629a31fe (MD5)
>>>>> 0504e67f338bfe08a1a694dea598fecc603e6695 (SHA-1)
>>>>> MSConfig
>>>>> C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
>>>>> System Configuration Utility
>>>>> Microsoft Corporation
>>>>> 5.1.2600.2764
>>>>> c:\windows\pchealth\helpctr\binaries\msconfig.exe
>>>>> 3c60aefa68efa2c4d13ab6b68fe82b81 (MD5)
>>>>> abdb5d622a86473732671f5d5d2d7ba458af656e (SHA-1)
>>>>> lxctmon.exe
>>>>> "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
>>>>> Device Monitor
>>>>> 0.1.25.0
>>>>> c:\program files\lexmark 5400 series\lxctmon.exe
>>>>> 623f89715522b2f4e14a1a21d4fc272a (MD5)
>>>>> 83caaed7b3c6c9698bdb8964eda44acbfbc48b4e (SHA-1)
>>>>> Lexmark 5400 Series Fax Server
>>>>> "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
>>>>> Fax Man Server
>>>>> 0.1.4.1
>>>>> c:\program files\lexmark 5400 series\fm3032.exe
>>>>> 6c9fb7a576813630c7f0ac9244c5b5d6 (MD5)
>>>>> 7fd7485f93cd0bfc0904dbb5f260f3c54b1cbc63 (SHA-1)
>>>>> EzPrint
>>>>> "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
>>>>> Lexmark Fast Pics Application
>>>>> Lexmark International Inc.
>>>>> 2.0.40.0
>>>>> c:\program files\lexmark 5400 series\ezprint.exe
>>>>> 404f68eaa178e29d2a96121a5184bc70 (MD5)
>>>>> b8a6345ce3672c988d93700e235d8d6965f36072 (SHA-1)
>>>>> LXCTCATS
>>>>> rundll32
>>>>> C:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
>>>>>
>>>>> Lexmark Connect Timer DLL
>>>>> Lexmark International Inc.
>>>>> 1.20.0.0
>>>>> c:\windows\system32\spool\drivers\w32x86\3\lxcttime.dll
>>>>> e9b2e1938b478881a0ce79b6bb9ac31c (MD5)
>>>>> 56d5749513073983c7bfb2fe1cabc88fc73a6726 (SHA-1)
>>>>> Adobe Reader Speed Launcher
>>>>> "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
>>>>> Adobe Acrobat SpeedLauncher
>>>>> Adobe Systems Incorporated
>>>>> 9.3.0.148
>>>>> c:\program files\adobe\reader 9.0\reader\reader_sl.exe
>>>>> 466ce40eaa865752f4930a472563e4e1 (MD5)
>>>>> e2f61f354d97b75638da96efa73309cf837e8b7a (SHA-1)
>>>>> Adobe ARM
>>>>> "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
>>>>> Adobe Reader and Acrobat Manager
>>>>> Adobe Systems Incorporated
>>>>> 1.1.5.0
>>>>> c:\program files\common files\adobe\arm\1.0\adobearm.exe
>>>>> 73bb442a717b9bb0097c243374c14a3e (MD5)
>>>>> a8624bdf847a13ff5eaf9fea5302ca5f181ae9dc (SHA-1)
>>>>> RTHDCPL
>>>>> RTHDCPL.EXE
>>>>> Realtek HD Audio Control Panel
>>>>> Realtek Semiconductor Corp.
>>>>> 2.2.6.2
>>>>> c:\windows\rthdcpl.exe
>>>>> b5dbe74457d015ec8d4f2cd43d52906d (MD5)
>>>>> f949ae47a20745d705cfc697e99cf2943ba87fae (SHA-1)
>>>>> Alcmtr
>>>>> ALCMTR.EXE
>>>>> Realtek Azalia Audio - Event Monitor
>>>>> Realtek Semiconductor Corp.
>>>>> 1.6.0.3
>>>>> c:\windows\alcmtr.exe
>>>>> ea31039e691c6f8f5469649526eea5fb (MD5)
>>>>> 529f2e778b0a17377e93c19caa05f8a87138ffcd (SHA-1)
>>>>> ISUSPM Startup
>>>>> C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
>>>>> InstallShield Update Service Update Manager
>>>>> InstallShield Software Corporation
>>>>> 3.10.100.1155
>>>>> c:\program files\common
>>>>> files\installshield\updateservice\isuspm.exe
>>>>> fb9e5c251cf6c37749f296bacb34a69b (MD5)
>>>>> 726df7171d5f28f922d6a258cdb6b0c18a257c91 (SHA-1)
>>>>> QuickTime Task
>>>>> "C:\Program Files\QuickTime\QTTask.exe" -atboottime
>>>>> QuickTime Task
>>>>> Apple Inc.
>>>>> 7.6.5.0
>>>>> c:\program files\quicktime\qttask.exe
>>>>> 55d7a219ad8d0db8980528944152a6fd (MD5)
>>>>> 8d1ac5c5424b24a2f79f91fb67aa4107ed766444 (SHA-1)
>>>>>
>>>>> HKCU\Software\Microsoft\Windows\CurrentVersion\Run
>>>>> ctfmon.exe
>>>>> C:\windows\system32\ctfmon.exe
>>>>> CTF Loader
>>>>> Microsoft Corporation
>>>>> 5.1.2600.2180
>>>>> c:\windows\system32\ctfmon.exe
>>>>> 24232996a38c0b0cf151c2140ae29fc8 (MD5)
>>>>> b36d03b56a30187ffc6257459d632a4faac48af2 (SHA-1)
>>>>> Gadwin PrintScreen
>>>>> C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
>>>>> /nosplash
>>>>> Gadwin PrintScreen
>>>>> Gadwin Systems, Inc
>>>>> 4.3.0.0
>>>>> c:\program files\gadwin systems\printscreen\printscreen.exe
>>>>> 270a7537f750ee66ee41be987cbc0146 (MD5)
>>>>> 5ce9246b7a4808cde629318d46e70e4829b67e00 (SHA-1)
>>>>
>>>> And there's the other. I'm running the Clone now as a fully
>>>> operational system, online, with AV protection.
>>>
>>> Is Norton providing firewall protection?
>>>
>>> Also, please provide the results of the "net start" and "tasklist
>>> /svc" commands.
>>>
>>> John
>> Norton firewall? I really don't know, John. I know I
>> have Windows Firewall on..... I'll check and advise.
>> Now you asked for:
>>
>> These Windows services are started:
>>
>> Application Layer Gateway Service
>> Ati HotKey Poller
>> Automatic Updates
>> Background Intelligent Transfer Service
>> COM+ Event System
>> Cryptographic Services
>> DCOM Server Process Launcher
>> DHCP Client
>> Distributed Link Tracking Client
>> DNS Client
>> Event Log
>> Fast User Switching Compatibility
>> Help and Support
>> LexBce Server
>> lxct_device
>> Machine Debug Manager
>> Network Connections
>> Network Location Awareness (NLA)
>> Norton AntiVirus
>> Norton Save and Restore
>> Norton UnErase Protection
>> Pervasive PSQL Workgroup Engine
>> Plug and Play
>> Print Spooler
>> Protected Storage
>> Remote Access Connection Manager
>> Remote Procedure Call (RPC)
>> Secondary Logon
>> Security Accounts Manager
>> Server
>> Shell Hardware Detection
>> Speed Disk service
>> SSDP Discovery Service
>> System Event Notification
>> Task Scheduler
>> TCP/IP NetBIOS Helper
>> Telephony
>> Terminal Services
>> Themes
>> Viewpoint Manager Service
>> WebClient
>> Windows Audio
>> Windows Firewall/Internet Connection Sharing (ICS)
>> Windows Image Acquisition (WIA)
>> Windows Management Instrumentation
>> Windows Time
>> Wireless Zero Configuration
>> Workstation
>>
>> The command completed successfully.
>>
>>
>> Image Name PID Services
>> ========================= ======
>> =============================================
>> System Idle Process 0 N/A
>> System 4 N/A
>> smss.exe 1200 N/A
>> csrss.exe 1280 N/A
>> winlogon.exe 1312 N/A
>> services.exe 1356 Eventlog, PlugPlay
>> lsass.exe 1368 ProtectedStorage, SamSs
>> ati2evxx.exe 1528 Ati HotKey Poller
>> svchost.exe 1548 DcomLaunch, TermService
>> svchost.exe 1672 RpcSs
>> svchost.exe 1840 AudioSrv, BITS, CryptSvc, Dhcp,
>> EventSystem,
>> FastUserSwitchingCompatibility, helpsvc,
>> lanmanserver, lanmanworkstation, Netman,
>> Nla, RasMan, Schedule, seclogon, SENS,
>> SharedAccess, ShellHWDetection, TapiSrv,
>> Themes, TrkWks, W32Time, winmgmt,
>> wuauserv,
>> WZCSVC
>> svchost.exe 1916 Dnscache
>> ati2evxx.exe 204 N/A
>> svchost.exe 240 LmHosts, SSDPSRV
>> explorer.exe 696 N/A
>> LEXBCES.EXE 772 LexBceS
>> spoolsv.exe 824 Spooler
>> LEXPPS.EXE 860 N/A
>> svchost.exe 1068 WebClient
>> lxctcoms.exe 1216 lxct_device
>> LXSUPMON.EXE 1444 N/A
>> MDM.EXE 1576 MDM
>> realsched.exe 1824 N/A
>> SMLoader.exe 1832 N/A
>> NswUiTray.exe 1864 N/A
>> VProTray.exe 1892 N/A
>> lxctmon.exe 1972 N/A
>> ccSvcHst.exe 1980 Norton AntiVirus
>> ezprint.exe 2024 N/A
>> RTHDCPL.EXE 156 N/A
>> VProSvc.exe 292 Norton Save and Restore
>> ctfmon.exe 596 N/A
>> PrintScreen.exe 584 N/A
>> NPROTECT.EXE 1640 NProtectService
>> w3dbsmgr.exe 1936 psqlWGE
>> NOPDB.exe 2352 Speed Disk service
>> svchost.exe 2392 stisvc
>> ViewpointService.exe 2492 Viewpoint Manager Service
>> ccSvcHst.exe 3464 N/A
>> alg.exe 3952 ALG
>> hpsysdrv.exe 1332 N/A
>> issch.exe 992 N/A
>> thunderbird.exe 3680 N/A
>> cmd.exe 448 N/A
>> tasklist.exe 540 N/A
>> wmiprvse.exe 728 N/A
>
> I'm still quite busy with other things but in the meantime you should
> take a look at your startup programs and decide what is really needed
> and what is nothing more than useless clutter. There is nothing wrong
> with startup programs, some can be really useful or even necessary for
> your personal needs. But keep in mind that a lot of programs set
> themselves up to start when you boot the computer and that most of them
> need not start when the computer boots, all they do is slow down your
> boot time and clutter up things when you try to troubleshoot problems,
> and some are outright pests!
>
> I mean, do you really need things like Real Scheduler and Gadwin Print
> Screen running all the time? These programs will run just fine even if
> they aren't started automatically every time you boot the computer. Go
> in these programs and change/disable their startup option. Some can be
> difficult to kill so helper utilities can be helpful when trying to
> control startup programs. Try CodeStuff Starter, it's safe and easy to
> use, I think you will like it, get it here:
> http://codestuff.tripod.com/products_starter.html
>
> I can't tell you which startup items to keep, it's a personal
> preference, but pretty well all the startup items shown by CodeStuff
> Starter are safe to disable, and the changes are easy to reverse if you
> change your mind. Research the items it shows you and decide whether or
> not these things are really useful or needed. Some programs will set
> themselves to start at boot time without your knowledge and with time
> the list can grow to include useless pests, part of good computer
> maintenance includes regular check of these startup items and removal of
> the useless ones.
>
> John
Thanks, John, I'll download Starter and see what it tells me.
There's a lot that I don't use every day that I just let load
for convenience.

Re: 2-hour hibernate failure

Posted: 10 Apr 2010, 20:40
by william b. lurie
John John - MVP wrote:

> I mean, do you really need things like Real Scheduler and Gadwin Print
> Screen running all the time? These programs will run just fine even if
> they aren't started automatically every time you boot the computer. Go
> in these programs and change/disable their startup option. Some can be
> difficult to kill so helper utilities can be helpful when trying to
> control startup programs. Try CodeStuff Starter, it's safe and easy to
> use, I think you will like it, get it here:
> http://codestuff.tripod.com/products_starter.html
>
> I can't tell you which startup items to keep, it's a personal
> preference, but pretty well all the startup items shown by CodeStuff
> Starter are safe to disable, and the changes are easy to reverse if you
> change your mind. Research the items it shows you and decide whether or
> not these things are really useful or needed. Some programs will set
> themselves to start at boot time without your knowledge and with time
> the list can grow to include useless pests, part of good computer
> maintenance includes regular check of these startup items and removal of
> the useless ones.
>
> John

Okay, John, I installed and ran Starter but of the 20-odd items, half
are mystery items, system items (ctfmon. etcetera) that I don't dare
touch. I'll study it some more and x-out a bunch, but I have no
confidence that it will affect the hibernate problem at all. Think
about it when you can spare the time.
Bill

Re: 2-hour hibernate failure

Posted: 11 Apr 2010, 00:10
by william b. lurie
William B. Lurie wrote:
> John John - MVP wrote:
>
>> I mean, do you really need things like Real Scheduler and Gadwin Print
>> Screen running all the time? These programs will run just fine even
>> if they aren't started automatically every time you boot the
>> computer. Go in these programs and change/disable their startup
>> option. Some can be difficult to kill so helper utilities can be
>> helpful when trying to control startup programs. Try CodeStuff
>> Starter, it's safe and easy to use, I think you will like it, get it
>> here: http://codestuff.tripod.com/products_starter.html
>>
>> I can't tell you which startup items to keep, it's a personal
>> preference, but pretty well all the startup items shown by CodeStuff
>> Starter are safe to disable, and the changes are easy to reverse if
>> you change your mind. Research the items it shows you and decide
>> whether or not these things are really useful or needed. Some
>> programs will set themselves to start at boot time without your
>> knowledge and with time the list can grow to include useless pests,
>> part of good computer maintenance includes regular check of these
>> startup items and removal of the useless ones.
>>
>> John
>
> Okay, John, I installed and ran Starter but of the 20-odd items, half
> are mystery items, system items (ctfmon. etcetera) that I don't dare
> touch. I'll study it some more and x-out a bunch, but I have no
> confidence that it will affect the hibernate problem at all. Think
> about it when you can spare the time.
> Bill
After some hours on and off of using Starter very minimally, I find
that it has done something very disturbing to the way the system boots.
I get the black screen with Windows logo, and then the first blue
screen, and it never gets to the blue Welcome screen or desktop by
itself. I've done it 3 times, and it now always has to be booted using
F8 and last-system-that-worked. After the last successful start by that
method, I did a chkdsk/r which revealed nothing, and I'm a bit
disenchanted by this setback. And I know you're right about loading
more than is always required, but the only harm it really does is to
load programs, some of which seem to be causing the hibernate
malfunction. I don't want to fix what ain't broke, only what *is*
broke. I'm going to uninstall Starter and see if my system will get
back to where it boots all the way.

Re: 2-hour hibernate failure

Posted: 11 Apr 2010, 16:35
by william b. lurie
John John - MVP wrote:
> William B. Lurie wrote:
>> This is a new thread. See old stuff for history.
>>
>> Okay, John, I'm using Clone2 and have started running your
>> investigatory programs.
>
> Is the computer a laptop or a desktop?
>
> Run the batch file below, it will change the following services:
>
> Ati HotKey Poller from Auto to Manual
> ATI Smart from Auto to Manual
> Browser from Auto to Manual
> Dnscache from Auto to Manual
> Eventlog from Manual to Auto
> lanmanserver from Auto to Manual
> LmHosts from Auto to Manual
> MDM from Auto to Manual
> psqlWGE from Auto to Manual
> Speed Disk service from Auto to Manual
> TermService from Auto to Manual
> TrkWks from Auto to Manual
> W32Time from Auto to Manual
> WebClient from Auto to Manual
> WZCSVC fom Auto to Manual
>
> and change previously discovered nonexistent drivers:
>
> sc config klif start= demand
> sc config ftsata2 start= demand
>
> Copy the stuff between the === lines and save it as a .bat file then run
> the batch file (double click on it).
>
>
> =========================================
> rem first set of changes
>
> sc config Alerter= Disabled
> sc config ALG= Manual
> sc config AppMgmt= Manual
> sc config aspnet_state= Manual
> sc config Ati HotKey Poller= Manual
> sc config ATI Smart= Manual
> sc config AudioSrv= Auto
> sc config Automatic LiveUpdate Scheduler= Disabled
> sc config BITS= Manual
> sc config Browser= Manual
> sc config CiSvc= Manual
> sc config ClipSrv= Disabled
> sc config clr_optimization_v2.0.50727_32= Manual
> sc config COMSysApp= Manual
> sc config CryptSvc= Auto
> sc config DcomLaunch= Auto
> sc config Dhcp= Auto
> sc config dmadmin= Manual
> sc config dmserver= Manual
> sc config Dnscache= Manual
> sc config ERSvc= Manual
> sc config Eventlog= Auto
> sc config EventSystem= Manual
> sc config FastUserSwitchingCompatibility= Manual
> sc config Fax= Manual
> sc config FontCache3.0.0.0= Manual
> sc config GEARSecurity= Disabled
> sc config helpsvc= Auto
> sc config HidServ= Disabled
> sc config HTTPFilter= Manual
> sc config IDriverT= Manual
> sc config idsvc= Manual
> sc config Imapi Helper= Manual
> sc config ImapiService= Manual
> sc config lanmanserver= Disabled
> sc config lanmanworkstation= Auto
> sc config LexBceS= Auto
> sc config LiveUpdate= Manual
> sc config LmHosts= Manual
> sc config lxct_device= Auto
> sc config MBAMService= Manual
> sc config MDM= Manual
> sc config Messenger= Disabled
> sc config mnmsrvc= Manual
> sc config MSIServer= Manual
> sc config NetDDE= Disabled
> sc config NetDDEdsdm= Disabled
> sc config Netlogon= Manual
> sc config Netman= Manual
> sc config NetTcpPortSharing= Disabled
> sc config Nla= Manual
> sc config Norton AntiVirus= Auto
> sc config Norton Save and Restore= Auto
> sc config NProtectService= Auto
> sc config NtLmSsp= Manual
> sc config NtmsSvc= Manual
> sc config ose= Manual
> sc config PlugPlay= Auto
> sc config PolicyAgent= Manual
> sc config ProtectedStorage= Auto
> sc config psqlWGE= Manual
> sc config RasAuto= Disabled
> sc config RasMan= Manual
> sc config RDSessMgr= Manual
> sc config RemoteAccess= Disabled
> sc config RpcLocator= Manual
> sc config RpcSs= Auto
> sc config RSVP= Manual
> sc config SamSs= Auto
> sc config SCardSvr= Manual
> sc config Schedule= Auto
> sc config seclogon= Auto
> sc config SENS= Auto
> sc config SharedAccess= Auto
> sc config ShellHWDetection= Auto
> sc config Speed Disk service= Manual
> sc config Spooler= Auto
> sc config srservice= Auto
> sc config SSDPSRV= Manual
> sc config stisvc= Auto
> sc config SwPrv= Manual
> sc config Symantec RemoteAssist= Manual
> sc config SysmonLog= Manual
> sc config TapiSrv= Manual
> sc config TermService= Manual
> sc config Themes= Auto
> sc config TrkWks= Manual
> sc config upnphost= Manual
> sc config UPS= Manual
> sc config Viewpoint Manager Service= Auto
> sc config VSS= Manual
> sc config W32Time= Manual
> sc config WebClient= Manual
> sc config winmgmt= Auto
> sc config WmdmPmSN= Manual
> sc config WmiApSrv= Manual
> sc config WMPNetworkSvc= Manual
> sc config wscsvc= Disabled
> sc config wuauserv= Auto
> sc config WudfSvc= Manual
> sc config WZCSVC= Manual
> sc config xmlprov= Manual
> sc config klif start= demand
> sc config ftsata2 start= demand
> ============================================
>
> I'm still pretty busy with other things so I probably won't be back
> until much later on.
>
> John
>
> PS. Were you trying to disable Services with CodeStuff Starter or just
> items in the "Startups" tab?
First, this is an HP-Compaq Presario Desktop, late 2006 model.

The drives I am now testing with are IDE.

I can't give an honest answer about Startups versus Services.
Their onboard info is no minimal, I just had to grope.
BTW...your ATI fix. I don't know if it's carried over to this
clone. Should I do it routinely anyway?

I will do the above this afternoon. And thanks again for your
patience and perseverance.
Bill

Re: 2-hour hibernate failure

Posted: 11 Apr 2010, 17:21
by william b. lurie
John John - MVP wrote:
> William B. Lurie wrote:
>> This is a new thread. See old stuff for history.
>>
>> Okay, John, I'm using Clone2 and have started running your
>> investigatory programs.
>
> Is the computer a laptop or a desktop?
>
> Run the batch file below, it will change the following services:
>
> Ati HotKey Poller from Auto to Manual
> ATI Smart from Auto to Manual
> Browser from Auto to Manual
> Dnscache from Auto to Manual
> Eventlog from Manual to Auto
> lanmanserver from Auto to Manual
> LmHosts from Auto to Manual
> MDM from Auto to Manual
> psqlWGE from Auto to Manual
> Speed Disk service from Auto to Manual
> TermService from Auto to Manual
> TrkWks from Auto to Manual
> W32Time from Auto to Manual
> WebClient from Auto to Manual
> WZCSVC fom Auto to Manual
>
> and change previously discovered nonexistent drivers:
>
> sc config klif start= demand
> sc config ftsata2 start= demand
>
> Copy the stuff between the === lines and save it as a .bat file then run
> the batch file (double click on it).
>
>
> =========================================
> rem first set of changes
>
> sc config Alerter= Disabled
> sc config ALG= Manual
> sc config AppMgmt= Manual
> sc config aspnet_state= Manual
> sc config Ati HotKey Poller= Manual
> sc config ATI Smart= Manual
> sc config AudioSrv= Auto
> sc config Automatic LiveUpdate Scheduler= Disabled
> sc config BITS= Manual
> sc config Browser= Manual
> sc config CiSvc= Manual
> sc config ClipSrv= Disabled
> sc config clr_optimization_v2.0.50727_32= Manual
> sc config COMSysApp= Manual
> sc config CryptSvc= Auto
> sc config DcomLaunch= Auto
> sc config Dhcp= Auto
> sc config dmadmin= Manual
> sc config dmserver= Manual
> sc config Dnscache= Manual
> sc config ERSvc= Manual
> sc config Eventlog= Auto
> sc config EventSystem= Manual
> sc config FastUserSwitchingCompatibility= Manual
> sc config Fax= Manual
> sc config FontCache3.0.0.0= Manual
> sc config GEARSecurity= Disabled
> sc config helpsvc= Auto
> sc config HidServ= Disabled
> sc config HTTPFilter= Manual
> sc config IDriverT= Manual
> sc config idsvc= Manual
> sc config Imapi Helper= Manual
> sc config ImapiService= Manual
> sc config lanmanserver= Disabled
> sc config lanmanworkstation= Auto
> sc config LexBceS= Auto
> sc config LiveUpdate= Manual
> sc config LmHosts= Manual
> sc config lxct_device= Auto
> sc config MBAMService= Manual
> sc config MDM= Manual
> sc config Messenger= Disabled
> sc config mnmsrvc= Manual
> sc config MSIServer= Manual
> sc config NetDDE= Disabled
> sc config NetDDEdsdm= Disabled
> sc config Netlogon= Manual
> sc config Netman= Manual
> sc config NetTcpPortSharing= Disabled
> sc config Nla= Manual
> sc config Norton AntiVirus= Auto
> sc config Norton Save and Restore= Auto
> sc config NProtectService= Auto
> sc config NtLmSsp= Manual
> sc config NtmsSvc= Manual
> sc config ose= Manual
> sc config PlugPlay= Auto
> sc config PolicyAgent= Manual
> sc config ProtectedStorage= Auto
> sc config psqlWGE= Manual
> sc config RasAuto= Disabled
> sc config RasMan= Manual
> sc config RDSessMgr= Manual
> sc config RemoteAccess= Disabled
> sc config RpcLocator= Manual
> sc config RpcSs= Auto
> sc config RSVP= Manual
> sc config SamSs= Auto
> sc config SCardSvr= Manual
> sc config Schedule= Auto
> sc config seclogon= Auto
> sc config SENS= Auto
> sc config SharedAccess= Auto
> sc config ShellHWDetection= Auto
> sc config Speed Disk service= Manual
> sc config Spooler= Auto
> sc config srservice= Auto
> sc config SSDPSRV= Manual
> sc config stisvc= Auto
> sc config SwPrv= Manual
> sc config Symantec RemoteAssist= Manual
> sc config SysmonLog= Manual
> sc config TapiSrv= Manual
> sc config TermService= Manual
> sc config Themes= Auto
> sc config TrkWks= Manual
> sc config upnphost= Manual
> sc config UPS= Manual
> sc config Viewpoint Manager Service= Auto
> sc config VSS= Manual
> sc config W32Time= Manual
> sc config WebClient= Manual
> sc config winmgmt= Auto
> sc config WmdmPmSN= Manual
> sc config WmiApSrv= Manual
> sc config WMPNetworkSvc= Manual
> sc config wscsvc= Disabled
> sc config wuauserv= Auto
> sc config WudfSvc= Manual
> sc config WZCSVC= Manual
> sc config xmlprov= Manual
> sc config klif start= demand
> sc config ftsata2 start= demand
> ============================================
>
> I'm still pretty busy with other things so I probably won't be back
> until much later on.
>
> John
>
> PS. Were you trying to disable Services with CodeStuff Starter or just
> items in the "Startups" tab?
************************************************************
Continuing on, John, I did as requested above, and will let
it run to see what happens. Already I found that it removed my printers
so that I can't print out any events that get recorded. I don't
know if you intended that, o what else it disabled, but for this test,
I can live with it. More later. A couple of hours......
Bill

Re: 2-hour hibernate failure

Posted: 11 Apr 2010, 20:43
by william b. lurie
John John - MVP wrote:
(snip)
John, I did as requested and installed the .bat file
and restarted around 1:50 PM. After just about an hour
(I wasn't watching) it decided to restart, and I just
recorder the Events Logs. I don't see anything big
there, other than that at 2:36 the entry says
"WIA entered the running state". So I now have the
big list of services set as you asked, and something
caused WIA to enter the running state. I have only
one clue as to what might have rebooted the system....
I *thought* I saw my room lights flicker, but it was
not enough to cause the clocks on appliances to request
reset. It could have been brief power interruption,
enough to cause reboot.

I'm going to restart again on that clone system, and this evening
I'll check the Events Logs again. Here's what I got just now;
it's big but you can snip it.

> nformation 4/11/2010 8:07:37 AM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
> Information 4/10/2010 8:43:13 PM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
> Information 4/10/2010 8:43:11 PM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
> Error 4/10/2010 7:43:58 PM COM+ (98) 4691 N/A COMPAQ-2006
> Error 4/10/2010 7:43:58 PM MSDTC Client (10) 4427 N/A COMPAQ-2006
> Information 4/10/2010 7:38:47 PM Norton Save and Restore Medium Priority 100 N/A COMPAQ-2006



Type Date Time Source Category Event User Computer
Success Audit 4/11/2010 3:04:04 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:04:04 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:45 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Logon/Logoff 528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff 528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:17 PM Security Logon/Logoff 540
ANONYMOUS LOGON COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security Policy Change 806 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 538
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 518 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:33 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:30 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006


Type Date Time Source Category Event User Computer
Information 4/11/2010 3:06:10 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:06:06 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
Compaq_Owner COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:21 PM SRTSP None 2003 N/A COMPAQ-2006
Information 4/11/2010 3:02:50 PM Tcpip None 4201 N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6005 N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6009 N/A COMPAQ-2006
Information 4/11/2010 2:36:09 PM Service Control Manager None 7036 N/A
COMPAQ-2006

Re: 2-hour hibernate failure

Posted: 12 Apr 2010, 00:31
by william b. lurie
William B. Lurie wrote:
> John John - MVP wrote:
> (snip)
> John, I did as requested and installed the .bat file
> and restarted around 1:50 PM. After just about an hour
> (I wasn't watching) it decided to restart, and I just
> recorder the Events Logs. I don't see anything big
> there, other than that at 2:36 the entry says
> "WIA entered the running state". So I now have the
> big list of services set as you asked, and something
> caused WIA to enter the running state. I have only
> one clue as to what might have rebooted the system....
> I *thought* I saw my room lights flicker, but it was
> not enough to cause the clocks on appliances to request
> reset. It could have been brief power interruption,
> enough to cause reboot.
>
> I'm going to restart again on that clone system, and this evening
> I'll check the Events Logs again. Here's what I got just now;
> it's big but you can snip it.
>
>> nformation 4/11/2010 8:07:37 AM Norton AntiVirus None
>> 34 SYSTEM COMPAQ-2006
>> Information 4/10/2010 8:43:13 PM Norton AntiVirus None
>> 35 SYSTEM COMPAQ-2006
>> Information 4/10/2010 8:43:11 PM Norton AntiVirus None
>> 34 SYSTEM COMPAQ-2006
>> Error 4/10/2010 7:43:58 PM COM+ (98) 4691 N/A
>> COMPAQ-2006
>> Error 4/10/2010 7:43:58 PM MSDTC Client (10) 4427
>> N/A COMPAQ-2006
>> Information 4/10/2010 7:38:47 PM Norton Save and Restore
>> Medium Priority 100 N/A COMPAQ-2006
>
>
>
> Type Date Time Source Category Event User Computer
> Success Audit 4/11/2010 3:04:04 PM Security Privilege
> Use 576 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:04:04 PM Security Logon/Logoff
> 528 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:45 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:43 PM Security Policy
> Change 848 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:42 PM Security Privilege
> Use 576 LOCAL
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:42 PM Security Logon/Logoff
> 528 LOCAL
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:41 PM Security Privilege
> Use 576 LOCAL
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff
> 528 LOCAL
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:41 PM Security Privilege
> Use 576 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff
> 528 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:17 PM Security Logon/Logoff
> 540
> ANONYMOUS LOGON COMPAQ-2006
> Success Audit 4/11/2010 3:03:10 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:10 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:09 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:09 PM Security Policy
> Change 806 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Privilege
> Use 576
> Compaq_Owner COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
> 528
> Compaq_Owner COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Account
> Logon 680 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
> 538
> Compaq_Owner COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Privilege
> Use 576
> Compaq_Owner COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
> 528
> Compaq_Owner COMPAQ-2006
> Success Audit 4/11/2010 3:03:08 PM Security Account
> Logon 680 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security Privilege
> Use 576 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security Logon/Logoff
> 528 NETWORK
> SERVICE COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 518 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 3:03:05 PM Security System Event
> 514 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:33 PM Security System
> Event 515 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:32 PM Security Policy
> Change 850 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 849 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:31 PM Security Policy
> Change 848 SYSTEM
> COMPAQ-2006
> Success Audit 4/11/2010 12:02:30 PM Security Privilege
> Use 576 LOCAL
> SERVICE COMPAQ-2006
>
>
> Type Date Time Source Category Event User Computer
> Information 4/11/2010 3:06:10 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:06:06 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> Compaq_Owner COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
> Information 4/11/2010 3:04:39 PM Service Control Manager
> None 7035
> SYSTEM COMPAQ-2006
> Information 4/11/2010 3:04:21 PM SRTSP None 2003
> N/A COMPAQ-2006
> Information 4/11/2010 3:02:50 PM Tcpip None 4201
> N/A COMPAQ-2006
> Information 4/11/2010 3:03:05 PM eventlog None 6005
> N/A COMPAQ-2006
> Information 4/11/2010 3:03:05 PM eventlog None 6009
> N/A COMPAQ-2006
> Information 4/11/2010 2:36:09 PM Service Control Manager
> None 7036 N/A
> COMPAQ-2006
************************************************
And now the latest news:
I simply repeated the above run, from 3:45 to 7:15 PM,
and the Log shows no errors at all, and not even any
events to complain about. There was a repeat of the
7035/7936 'Info' events telling about WIA's involvement,
but no hint of it ever having been asked to hibernate,
or not to. Maybe this is almost the success you were
looking for....namely, nothing is *stopping* it from
hibernating.......now if you can resuscitate that, you
hit the jack pot. (And of course, restore the Printer
association, and whatever else you may have removed.
Bill
All times are UTC+01:00
Page 1 of 4

Powered by phpBB® Forum Software © phpBB Limited