2-hour hibernate failure

  • Thread starter Thread starter William B. Lurie
  • Start date Start date
W

William B. Lurie

This is a new thread. See old stuff for history.

Okay, John, I'm using Clone2 and have started running your
investigatory programs.
Service Name,Start Mode
Alerter,Disabled,
ALG,Manual,
AppMgmt,Manual,
aspnet_state,Manual,
Ati HotKey Poller,Auto,
ATI Smart,Auto,
AudioSrv,Auto,
Automatic LiveUpdate Scheduler,Disabled,
BITS,Manual,
Browser,Auto,
CiSvc,Manual,
ClipSrv,Disabled,
clr_optimization_v2.0.50727_32,Manual,
COMSysApp,Manual,
CryptSvc,Auto,
DcomLaunch,Auto,
Dhcp,Auto,
dmadmin,Manual,
dmserver,Manual,
Dnscache,Auto,
ERSvc,Manual,
Eventlog,Manual,
EventSystem,Manual,
FastUserSwitchingCompatibility,Manual,
Fax,Manual,
FontCache3.0.0.0,Manual,
GEARSecurity,Disabled,
helpsvc,Auto,
HidServ,Disabled,
HTTPFilter,Manual,
IDriverT,Manual,
idsvc,Manual,
Imapi Helper,Manual,
ImapiService,Manual,
lanmanserver,Auto,
lanmanworkstation,Auto,
LexBceS,Auto,
LiveUpdate,Manual,
LmHosts,Auto,
lxct_device,Auto,
MBAMService,Manual,
MDM,Auto,
Messenger,Disabled,
mnmsrvc,Manual,
MSIServer,Manual,
NetDDE,Disabled,
NetDDEdsdm,Disabled,
Netlogon,Manual,
Netman,Manual,
NetTcpPortSharing,Disabled,
Nla,Manual,
Norton AntiVirus,Auto,
Norton Save and Restore,Auto,
NProtectService,Auto,
NtLmSsp,Manual,
NtmsSvc,Manual,
ose,Manual,
PlugPlay,Auto,
PolicyAgent,Manual,
ProtectedStorage,Auto,
psqlWGE,Auto,
RasAuto,Disabled,
RasMan,Manual,
RDSessMgr,Manual,
RemoteAccess,Disabled,
RpcLocator,Manual,
RpcSs,Auto,
RSVP,Manual,
SamSs,Auto,
SCardSvr,Manual,
Schedule,Auto,
seclogon,Auto,
SENS,Auto,
SharedAccess,Auto,
ShellHWDetection,Auto,
Speed Disk service,Auto,
Spooler,Auto,
srservice,Auto,
SSDPSRV,Manual,
stisvc,Auto,
SwPrv,Manual,
Symantec RemoteAssist,Manual,
SysmonLog,Manual,
TapiSrv,Manual,
TermService,Auto,
Themes,Auto,
TrkWks,Auto,
upnphost,Manual,
UPS,Manual,
Viewpoint Manager Service,Auto,
VSS,Manual,
W32Time,Auto,
WebClient,Auto,
winmgmt,Auto,
WmdmPmSN,Manual,
WmiApSrv,Manual,
WMPNetworkSvc,Manual,
wscsvc,Disabled,
wuauserv,Auto,
WudfSvc,Manual,
WZCSVC,Auto,
xmlprov,Manual,
Click to expand...

That's one.
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.1.2600.2180
c:\windows\system32\rdpclip.exe
ab978e64b3cb5b78842bc2bdae19d0cd (MD5)
db49bb6158d12ea7dc9b28ef2ee857edb6015138 (SHA-1)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.1.2600.2180
c:\windows\system32\userinit.exe
39b1ffb03c2296323832acbae50d2aff (MD5)
e5aedcbe25a97c89101f1f3860ff846e94d70445 (SHA-1)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.0.2900.3156
c:\windows\explorer.exe
97bd6515465659ff8f3b7be375b2ea87 (MD5)
972307a3ef93680afdd03603df20f2241047a934 (SHA-1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Recguard
C:\WINDOWS\SMINST\RECGUARD.EXE
Recguard Application
6.0.54.0
c:\windows\sminst\recguard.exe
f3eaea279f09a7779c18793c87640794 (MD5)
142d5cc0e87bcbfd8d23ef12956a3ecef0208006 (SHA-1)
LXSUPMON
C:\WINDOWS\system32\LXSUPMON.EXE RUN
Supplies Monitor
Lexmark International Inc.
3.0.105.1
c:\windows\system32\lxsupmon.exe
bdbd516e37761ed51e602a54873d24cd (MD5)
648754b111c8d14ad6b028020534836286800796 (SHA-1)
HPBootOp
"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
HP Boot Optimizer
Hewlett-Packard Company
3.0.0.0
c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe
a789b145f17fa5c2326907f4872fe173 (MD5)
f04982c1c82b75b38e5da0ef838b6b2e753b3e6c (SHA-1)
NSWosCheck
"C:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe"
osCheck
Symantec Corporation
12.0.0.52
c:\program files\norton systemworks premier edition\oscheck.exe
b9d7e074e0ee39ca1b6101ce0d7d8cc0 (MD5)
c38060885884970d123d9aac58633309c91f5289 (SHA-1)
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.1.0.4043
c:\program files\common files\real\update_ob\realsched.exe
28525d80ea1d33cf60b8ac318a5f1c82 (MD5)
d66a9b76f6982d905029492310a3b3b6f111f2cb (SHA-1)
SMSI Loader
C:\Program Files\Common Files\Smith Micro Shared\Fax\SMLoader.exe /PRNDRV
SMSI Loader
Smith Micro Software, Inc.
1.4.0.0
c:\program files\common files\smith micro shared\fax\smloader.exe
e8187ccc1ea4575584cd22b2ae0b29fa (MD5)
3f1d727057f1978fe0e65444ce0edfa3e70da45d (SHA-1)
NswUiTray
C:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
Norton SystemWorks System Tray Module
Symantec Corporation
12.0.0.52
c:\program files\norton systemworks premier edition\nswuitray.exe
342b0d08fdf4ddaa5ac01aec50f95d77 (MD5)
330e1c7495aa61e65d606acb8d7f00c87e582225 (SHA-1)
Norton Save and Restore 2.0
"C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
Tray Application
Symantec Corporation
2.0.7.29210
c:\program files\norton save and restore\agent\vprotray.exe
3ccbdad4dbc7f1feda9454a4f5f32526 (MD5)
5e9b559597c300ed28a4157e267fafbe3e546fb2 (SHA-1)
KernelFaultCheck
%systemroot%\system32\dumprep 0 -k
Windows Error Reporting Dump Reporting Tool
Microsoft Corporation
5.1.2600.2180
c:\windows\system32\dumprep.exe
13922eb54890c77005268882629a31fe (MD5)
0504e67f338bfe08a1a694dea598fecc603e6695 (SHA-1)
MSConfig
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
System Configuration Utility
Microsoft Corporation
5.1.2600.2764
c:\windows\pchealth\helpctr\binaries\msconfig.exe
3c60aefa68efa2c4d13ab6b68fe82b81 (MD5)
abdb5d622a86473732671f5d5d2d7ba458af656e (SHA-1)
lxctmon.exe
"C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
Device Monitor
0.1.25.0
c:\program files\lexmark 5400 series\lxctmon.exe
623f89715522b2f4e14a1a21d4fc272a (MD5)
83caaed7b3c6c9698bdb8964eda44acbfbc48b4e (SHA-1)
Lexmark 5400 Series Fax Server
"C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
Fax Man Server
0.1.4.1
c:\program files\lexmark 5400 series\fm3032.exe
6c9fb7a576813630c7f0ac9244c5b5d6 (MD5)
7fd7485f93cd0bfc0904dbb5f260f3c54b1cbc63 (SHA-1)
EzPrint
"C:\Program Files\Lexmark 5400 Series\ezprint.exe"
Lexmark Fast Pics Application
Lexmark International Inc.
2.0.40.0
c:\program files\lexmark 5400 series\ezprint.exe
404f68eaa178e29d2a96121a5184bc70 (MD5)
b8a6345ce3672c988d93700e235d8d6965f36072 (SHA-1)
LXCTCATS
rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
Lexmark Connect Timer DLL
Lexmark International Inc.
1.20.0.0
c:\windows\system32\spool\drivers\w32x86\3\lxcttime.dll
e9b2e1938b478881a0ce79b6bb9ac31c (MD5)
56d5749513073983c7bfb2fe1cabc88fc73a6726 (SHA-1)
Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe Acrobat SpeedLauncher
Adobe Systems Incorporated
9.3.0.148
c:\program files\adobe\reader 9.0\reader\reader_sl.exe
466ce40eaa865752f4930a472563e4e1 (MD5)
e2f61f354d97b75638da96efa73309cf837e8b7a (SHA-1)
Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Adobe Reader and Acrobat Manager
Adobe Systems Incorporated
1.1.5.0
c:\program files\common files\adobe\arm\1.0\adobearm.exe
73bb442a717b9bb0097c243374c14a3e (MD5)
a8624bdf847a13ff5eaf9fea5302ca5f181ae9dc (SHA-1)
RTHDCPL
RTHDCPL.EXE
Realtek HD Audio Control Panel
Realtek Semiconductor Corp.
2.2.6.2
c:\windows\rthdcpl.exe
b5dbe74457d015ec8d4f2cd43d52906d (MD5)
f949ae47a20745d705cfc697e99cf2943ba87fae (SHA-1)
Alcmtr
ALCMTR.EXE
Realtek Azalia Audio - Event Monitor
Realtek Semiconductor Corp.
1.6.0.3
c:\windows\alcmtr.exe
ea31039e691c6f8f5469649526eea5fb (MD5)
529f2e778b0a17377e93c19caa05f8a87138ffcd (SHA-1)
ISUSPM Startup
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
InstallShield Update Service Update Manager
InstallShield Software Corporation
3.10.100.1155
c:\program files\common files\installshield\updateservice\isuspm.exe
fb9e5c251cf6c37749f296bacb34a69b (MD5)
726df7171d5f28f922d6a258cdb6b0c18a257c91 (SHA-1)
QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
QuickTime Task
Apple Inc.
7.6.5.0
c:\program files\quicktime\qttask.exe
55d7a219ad8d0db8980528944152a6fd (MD5)
8d1ac5c5424b24a2f79f91fb67aa4107ed766444 (SHA-1)

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\windows\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.1.2600.2180
c:\windows\system32\ctfmon.exe
24232996a38c0b0cf151c2140ae29fc8 (MD5)
b36d03b56a30187ffc6257459d632a4faac48af2 (SHA-1)
Gadwin PrintScreen
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
Gadwin PrintScreen
Gadwin Systems, Inc
4.3.0.0
c:\program files\gadwin systems\printscreen\printscreen.exe
270a7537f750ee66ee41be987cbc0146 (MD5)
5ce9246b7a4808cde629318d46e70e4829b67e00 (SHA-1)
Click to expand...

And there's the other. I'm running the Clone now as a fully operational
system, online, with AV protection. If and when you ask me to make
any changes and tests that might be affected, I can pull the phone plug.
 
William said:
This is a new thread. See old stuff for history.

Okay, John, I'm using Clone2 and have started running your
investigatory programs.


That's one.


And there's the other. I'm running the Clone now as a fully operational
system, online, with AV protection.
Click to expand...

Is Norton providing firewall protection?

Also, please provide the results of the "net start" and "tasklist /svc"
commands.

John
 
John said:
Is Norton providing firewall protection?

Also, please provide the results of the "net start" and "tasklist /svc"
commands.

John
Click to expand...
Norton firewall? I really don't know, John. I know I
have Windows Firewall on..... I'll check and advise.
Now you asked for:

These Windows services are started:

Application Layer Gateway Service
Ati HotKey Poller
Automatic Updates
Background Intelligent Transfer Service
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
Event Log
Fast User Switching Compatibility
Help and Support
LexBce Server
lxct_device
Machine Debug Manager
Network Connections
Network Location Awareness (NLA)
Norton AntiVirus
Norton Save and Restore
Norton UnErase Protection
Pervasive PSQL Workgroup Engine
Plug and Play
Print Spooler
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Server
Shell Hardware Detection
Speed Disk service
SSDP Discovery Service
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
Viewpoint Manager Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.


Image Name PID Services

========================= ======
=============================================
System Idle Process 0 N/A

System 4 N/A

smss.exe 1200 N/A

csrss.exe 1280 N/A

winlogon.exe 1312 N/A

services.exe 1356 Eventlog, PlugPlay

lsass.exe 1368 ProtectedStorage, SamSs

ati2evxx.exe 1528 Ati HotKey Poller

svchost.exe 1548 DcomLaunch, TermService

svchost.exe 1672 RpcSs

svchost.exe 1840 AudioSrv, BITS, CryptSvc, Dhcp,
EventSystem,
FastUserSwitchingCompatibility,
helpsvc,
lanmanserver, lanmanworkstation,
Netman,
Nla, RasMan, Schedule, seclogon, SENS,

SharedAccess, ShellHWDetection,
TapiSrv,
Themes, TrkWks, W32Time, winmgmt,
wuauserv,
WZCSVC

svchost.exe 1916 Dnscache

ati2evxx.exe 204 N/A

svchost.exe 240 LmHosts, SSDPSRV

explorer.exe 696 N/A

LEXBCES.EXE 772 LexBceS

spoolsv.exe 824 Spooler

LEXPPS.EXE 860 N/A

svchost.exe 1068 WebClient

lxctcoms.exe 1216 lxct_device

LXSUPMON.EXE 1444 N/A

MDM.EXE 1576 MDM

realsched.exe 1824 N/A

SMLoader.exe 1832 N/A

NswUiTray.exe 1864 N/A

VProTray.exe 1892 N/A

lxctmon.exe 1972 N/A

ccSvcHst.exe 1980 Norton AntiVirus

ezprint.exe 2024 N/A

RTHDCPL.EXE 156 N/A

VProSvc.exe 292 Norton Save and Restore

ctfmon.exe 596 N/A

PrintScreen.exe 584 N/A

NPROTECT.EXE 1640 NProtectService

w3dbsmgr.exe 1936 psqlWGE

NOPDB.exe 2352 Speed Disk service

svchost.exe 2392 stisvc

ViewpointService.exe 2492 Viewpoint Manager Service

ccSvcHst.exe 3464 N/A

alg.exe 3952 ALG

hpsysdrv.exe 1332 N/A

issch.exe 992 N/A

thunderbird.exe 3680 N/A

cmd.exe 448 N/A

tasklist.exe 540 N/A

wmiprvse.exe 728 N/A
 
John John - MVP wrote:
(snip)>
Is Norton providing firewall protection?
Click to expand...

The answer is *no*, John. They say they don't have
one so that each user can use a Firewall of his choice.Bill
 
William said:
Norton firewall? I really don't know, John. I know I
have Windows Firewall on..... I'll check and advise.
Now you asked for:

These Windows services are started:

Application Layer Gateway Service
Ati HotKey Poller
Automatic Updates
Background Intelligent Transfer Service
COM+ Event System
Cryptographic Services
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
DNS Client
Event Log
Fast User Switching Compatibility
Help and Support
LexBce Server
lxct_device
Machine Debug Manager
Network Connections
Network Location Awareness (NLA)
Norton AntiVirus
Norton Save and Restore
Norton UnErase Protection
Pervasive PSQL Workgroup Engine
Plug and Play
Print Spooler
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC)
Secondary Logon
Security Accounts Manager
Server
Shell Hardware Detection
Speed Disk service
SSDP Discovery Service
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
Viewpoint Manager Service
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Image Acquisition (WIA)
Windows Management Instrumentation
Windows Time
Wireless Zero Configuration
Workstation

The command completed successfully.


Image Name PID Services
========================= ======
=============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 1200 N/A
csrss.exe 1280 N/A
winlogon.exe 1312 N/A
services.exe 1356 Eventlog, PlugPlay
lsass.exe 1368 ProtectedStorage, SamSs
ati2evxx.exe 1528 Ati HotKey Poller
svchost.exe 1548 DcomLaunch, TermService
svchost.exe 1672 RpcSs
svchost.exe 1840 AudioSrv, BITS, CryptSvc, Dhcp,
EventSystem,
FastUserSwitchingCompatibility, helpsvc,
lanmanserver, lanmanworkstation, Netman,
Nla, RasMan, Schedule, seclogon, SENS,
SharedAccess, ShellHWDetection, TapiSrv,
Themes, TrkWks, W32Time, winmgmt,
wuauserv,
WZCSVC
svchost.exe 1916 Dnscache
ati2evxx.exe 204 N/A
svchost.exe 240 LmHosts, SSDPSRV
explorer.exe 696 N/A
LEXBCES.EXE 772 LexBceS
spoolsv.exe 824 Spooler
LEXPPS.EXE 860 N/A
svchost.exe 1068 WebClient
lxctcoms.exe 1216 lxct_device
LXSUPMON.EXE 1444 N/A
MDM.EXE 1576 MDM
realsched.exe 1824 N/A
SMLoader.exe 1832 N/A
NswUiTray.exe 1864 N/A
VProTray.exe 1892 N/A
lxctmon.exe 1972 N/A
ccSvcHst.exe 1980 Norton AntiVirus
ezprint.exe 2024 N/A
RTHDCPL.EXE 156 N/A
VProSvc.exe 292 Norton Save and Restore
ctfmon.exe 596 N/A
PrintScreen.exe 584 N/A
NPROTECT.EXE 1640 NProtectService
w3dbsmgr.exe 1936 psqlWGE
NOPDB.exe 2352 Speed Disk service
svchost.exe 2392 stisvc
ViewpointService.exe 2492 Viewpoint Manager Service
ccSvcHst.exe 3464 N/A
alg.exe 3952 ALG
hpsysdrv.exe 1332 N/A
issch.exe 992 N/A
thunderbird.exe 3680 N/A
cmd.exe 448 N/A
tasklist.exe 540 N/A
wmiprvse.exe 728 N/A
Click to expand...

I'm still quite busy with other things but in the meantime you should
take a look at your startup programs and decide what is really needed
and what is nothing more than useless clutter. There is nothing wrong
with startup programs, some can be really useful or even necessary for
your personal needs. But keep in mind that a lot of programs set
themselves up to start when you boot the computer and that most of them
need not start when the computer boots, all they do is slow down your
boot time and clutter up things when you try to troubleshoot problems,
and some are outright pests!

I mean, do you really need things like Real Scheduler and Gadwin Print
Screen running all the time? These programs will run just fine even if
they aren't started automatically every time you boot the computer. Go
in these programs and change/disable their startup option. Some can be
difficult to kill so helper utilities can be helpful when trying to
control startup programs. Try CodeStuff Starter, it's safe and easy to
use, I think you will like it, get it here:
http://codestuff.tripod.com/products_starter.html

I can't tell you which startup items to keep, it's a personal
preference, but pretty well all the startup items shown by CodeStuff
Starter are safe to disable, and the changes are easy to reverse if you
change your mind. Research the items it shows you and decide whether or
not these things are really useful or needed. Some programs will set
themselves to start at boot time without your knowledge and with time
the list can grow to include useless pests, part of good computer
maintenance includes regular check of these startup items and removal of
the useless ones.

John
 
John said:
I'm still quite busy with other things but in the meantime you should
take a look at your startup programs and decide what is really needed
and what is nothing more than useless clutter. There is nothing wrong
with startup programs, some can be really useful or even necessary for
your personal needs. But keep in mind that a lot of programs set
themselves up to start when you boot the computer and that most of them
need not start when the computer boots, all they do is slow down your
boot time and clutter up things when you try to troubleshoot problems,
and some are outright pests!

I mean, do you really need things like Real Scheduler and Gadwin Print
Screen running all the time? These programs will run just fine even if
they aren't started automatically every time you boot the computer. Go
in these programs and change/disable their startup option. Some can be
difficult to kill so helper utilities can be helpful when trying to
control startup programs. Try CodeStuff Starter, it's safe and easy to
use, I think you will like it, get it here:
http://codestuff.tripod.com/products_starter.html

I can't tell you which startup items to keep, it's a personal
preference, but pretty well all the startup items shown by CodeStuff
Starter are safe to disable, and the changes are easy to reverse if you
change your mind. Research the items it shows you and decide whether or
not these things are really useful or needed. Some programs will set
themselves to start at boot time without your knowledge and with time
the list can grow to include useless pests, part of good computer
maintenance includes regular check of these startup items and removal of
the useless ones.

John
Click to expand...
Thanks, John, I'll download Starter and see what it tells me.
There's a lot that I don't use every day that I just let load
for convenience.
 
John said:
I mean, do you really need things like Real Scheduler and Gadwin Print
Screen running all the time? These programs will run just fine even if
they aren't started automatically every time you boot the computer. Go
in these programs and change/disable their startup option. Some can be
difficult to kill so helper utilities can be helpful when trying to
control startup programs. Try CodeStuff Starter, it's safe and easy to
use, I think you will like it, get it here:
http://codestuff.tripod.com/products_starter.html

I can't tell you which startup items to keep, it's a personal
preference, but pretty well all the startup items shown by CodeStuff
Starter are safe to disable, and the changes are easy to reverse if you
change your mind. Research the items it shows you and decide whether or
not these things are really useful or needed. Some programs will set
themselves to start at boot time without your knowledge and with time
the list can grow to include useless pests, part of good computer
maintenance includes regular check of these startup items and removal of
the useless ones.

John
Click to expand...

Okay, John, I installed and ran Starter but of the 20-odd items, half
are mystery items, system items (ctfmon. etcetera) that I don't dare
touch. I'll study it some more and x-out a bunch, but I have no
confidence that it will affect the hibernate problem at all. Think
about it when you can spare the time.
Bill
 
William said:
Okay, John, I installed and ran Starter but of the 20-odd items, half
are mystery items, system items (ctfmon. etcetera) that I don't dare
touch. I'll study it some more and x-out a bunch, but I have no
confidence that it will affect the hibernate problem at all. Think
about it when you can spare the time.
Bill
Click to expand...
After some hours on and off of using Starter very minimally, I find
that it has done something very disturbing to the way the system boots.
I get the black screen with Windows logo, and then the first blue
screen, and it never gets to the blue Welcome screen or desktop by
itself. I've done it 3 times, and it now always has to be booted using
F8 and last-system-that-worked. After the last successful start by that
method, I did a chkdsk/r which revealed nothing, and I'm a bit
disenchanted by this setback. And I know you're right about loading
more than is always required, but the only harm it really does is to
load programs, some of which seem to be causing the hibernate
malfunction. I don't want to fix what ain't broke, only what *is*
broke. I'm going to uninstall Starter and see if my system will get
back to where it boots all the way.
 
William said:
After some hours on and off of using Starter very minimally, I find
that it has done something very disturbing to the way the system boots.
I get the black screen with Windows logo, and then the first blue
screen, and it never gets to the blue Welcome screen or desktop by
itself.
Click to expand...
 
William said:
After some hours on and off of using Starter very minimally, I find
that it has done something very disturbing to the way the system boots.
I get the black screen with Windows logo, and then the first blue
screen, and it never gets to the blue Welcome screen or desktop by
itself. I've done it 3 times, and it now always has to be booted using
F8 and last-system-that-worked. After the last successful start by that
method, I did a chkdsk/r which revealed nothing, and I'm a bit
disenchanted by this setback. And I know you're right about loading
more than is always required, but the only harm it really does is to
load programs, some of which seem to be causing the hibernate
malfunction. I don't want to fix what ain't broke, only what *is*
broke. I'm going to uninstall Starter and see if my system will get
back to where it boots all the way.
Click to expand...

Are you only disabling items in the "Startups" tab? Don't try to delete
or change anything shown in the "Processes" tab! In any case I think
that the the utility is quite straightforward, there is nothing really
to disable in the Processes tab and trying to delete files in that tab
is not really something that one would intuitively try!

I find it very, very fishy that disabling startup items shown in
CodeStuff's Startup tab would cripple the machine or prevent it from
booting. Quite frankly this is plain just not right, there is something
else at play on your machine. Perhaps you should reinstall CodeStuff an
then in the File menu click on:

Export -> Registry -> All Sections

and save the export file as a text file then post the contents of the
file here.

John
 
William said:
This is a new thread. See old stuff for history.

Okay, John, I'm using Clone2 and have started running your
investigatory programs.
Click to expand...

Is the computer a laptop or a desktop?

Run the batch file below, it will change the following services:

Ati HotKey Poller from Auto to Manual
ATI Smart from Auto to Manual
Browser from Auto to Manual
Dnscache from Auto to Manual
Eventlog from Manual to Auto
lanmanserver from Auto to Manual
LmHosts from Auto to Manual
MDM from Auto to Manual
psqlWGE from Auto to Manual
Speed Disk service from Auto to Manual
TermService from Auto to Manual
TrkWks from Auto to Manual
W32Time from Auto to Manual
WebClient from Auto to Manual
WZCSVC fom Auto to Manual

and change previously discovered nonexistent drivers:

sc config klif start= demand
sc config ftsata2 start= demand

Copy the stuff between the === lines and save it as a .bat file then run
the batch file (double click on it).


=========================================
rem first set of changes

sc config Alerter= Disabled
sc config ALG= Manual
sc config AppMgmt= Manual
sc config aspnet_state= Manual
sc config Ati HotKey Poller= Manual
sc config ATI Smart= Manual
sc config AudioSrv= Auto
sc config Automatic LiveUpdate Scheduler= Disabled
sc config BITS= Manual
sc config Browser= Manual
sc config CiSvc= Manual
sc config ClipSrv= Disabled
sc config clr_optimization_v2.0.50727_32= Manual
sc config COMSysApp= Manual
sc config CryptSvc= Auto
sc config DcomLaunch= Auto
sc config Dhcp= Auto
sc config dmadmin= Manual
sc config dmserver= Manual
sc config Dnscache= Manual
sc config ERSvc= Manual
sc config Eventlog= Auto
sc config EventSystem= Manual
sc config FastUserSwitchingCompatibility= Manual
sc config Fax= Manual
sc config FontCache3.0.0.0= Manual
sc config GEARSecurity= Disabled
sc config helpsvc= Auto
sc config HidServ= Disabled
sc config HTTPFilter= Manual
sc config IDriverT= Manual
sc config idsvc= Manual
sc config Imapi Helper= Manual
sc config ImapiService= Manual
sc config lanmanserver= Disabled
sc config lanmanworkstation= Auto
sc config LexBceS= Auto
sc config LiveUpdate= Manual
sc config LmHosts= Manual
sc config lxct_device= Auto
sc config MBAMService= Manual
sc config MDM= Manual
sc config Messenger= Disabled
sc config mnmsrvc= Manual
sc config MSIServer= Manual
sc config NetDDE= Disabled
sc config NetDDEdsdm= Disabled
sc config Netlogon= Manual
sc config Netman= Manual
sc config NetTcpPortSharing= Disabled
sc config Nla= Manual
sc config Norton AntiVirus= Auto
sc config Norton Save and Restore= Auto
sc config NProtectService= Auto
sc config NtLmSsp= Manual
sc config NtmsSvc= Manual
sc config ose= Manual
sc config PlugPlay= Auto
sc config PolicyAgent= Manual
sc config ProtectedStorage= Auto
sc config psqlWGE= Manual
sc config RasAuto= Disabled
sc config RasMan= Manual
sc config RDSessMgr= Manual
sc config RemoteAccess= Disabled
sc config RpcLocator= Manual
sc config RpcSs= Auto
sc config RSVP= Manual
sc config SamSs= Auto
sc config SCardSvr= Manual
sc config Schedule= Auto
sc config seclogon= Auto
sc config SENS= Auto
sc config SharedAccess= Auto
sc config ShellHWDetection= Auto
sc config Speed Disk service= Manual
sc config Spooler= Auto
sc config srservice= Auto
sc config SSDPSRV= Manual
sc config stisvc= Auto
sc config SwPrv= Manual
sc config Symantec RemoteAssist= Manual
sc config SysmonLog= Manual
sc config TapiSrv= Manual
sc config TermService= Manual
sc config Themes= Auto
sc config TrkWks= Manual
sc config upnphost= Manual
sc config UPS= Manual
sc config Viewpoint Manager Service= Auto
sc config VSS= Manual
sc config W32Time= Manual
sc config WebClient= Manual
sc config winmgmt= Auto
sc config WmdmPmSN= Manual
sc config WmiApSrv= Manual
sc config WMPNetworkSvc= Manual
sc config wscsvc= Disabled
sc config wuauserv= Auto
sc config WudfSvc= Manual
sc config WZCSVC= Manual
sc config xmlprov= Manual
sc config klif start= demand
sc config ftsata2 start= demand
============================================

I'm still pretty busy with other things so I probably won't be back
until much later on.

John

PS. Were you trying to disable Services with CodeStuff Starter or just
items in the "Startups" tab?
 
John said:
Is the computer a laptop or a desktop?

Run the batch file below, it will change the following services:

Ati HotKey Poller from Auto to Manual
ATI Smart from Auto to Manual
Browser from Auto to Manual
Dnscache from Auto to Manual
Eventlog from Manual to Auto
lanmanserver from Auto to Manual
LmHosts from Auto to Manual
MDM from Auto to Manual
psqlWGE from Auto to Manual
Speed Disk service from Auto to Manual
TermService from Auto to Manual
TrkWks from Auto to Manual
W32Time from Auto to Manual
WebClient from Auto to Manual
WZCSVC fom Auto to Manual

and change previously discovered nonexistent drivers:

sc config klif start= demand
sc config ftsata2 start= demand

Copy the stuff between the === lines and save it as a .bat file then run
the batch file (double click on it).


=========================================
rem first set of changes

sc config Alerter= Disabled
sc config ALG= Manual
sc config AppMgmt= Manual
sc config aspnet_state= Manual
sc config Ati HotKey Poller= Manual
sc config ATI Smart= Manual
sc config AudioSrv= Auto
sc config Automatic LiveUpdate Scheduler= Disabled
sc config BITS= Manual
sc config Browser= Manual
sc config CiSvc= Manual
sc config ClipSrv= Disabled
sc config clr_optimization_v2.0.50727_32= Manual
sc config COMSysApp= Manual
sc config CryptSvc= Auto
sc config DcomLaunch= Auto
sc config Dhcp= Auto
sc config dmadmin= Manual
sc config dmserver= Manual
sc config Dnscache= Manual
sc config ERSvc= Manual
sc config Eventlog= Auto
sc config EventSystem= Manual
sc config FastUserSwitchingCompatibility= Manual
sc config Fax= Manual
sc config FontCache3.0.0.0= Manual
sc config GEARSecurity= Disabled
sc config helpsvc= Auto
sc config HidServ= Disabled
sc config HTTPFilter= Manual
sc config IDriverT= Manual
sc config idsvc= Manual
sc config Imapi Helper= Manual
sc config ImapiService= Manual
sc config lanmanserver= Disabled
sc config lanmanworkstation= Auto
sc config LexBceS= Auto
sc config LiveUpdate= Manual
sc config LmHosts= Manual
sc config lxct_device= Auto
sc config MBAMService= Manual
sc config MDM= Manual
sc config Messenger= Disabled
sc config mnmsrvc= Manual
sc config MSIServer= Manual
sc config NetDDE= Disabled
sc config NetDDEdsdm= Disabled
sc config Netlogon= Manual
sc config Netman= Manual
sc config NetTcpPortSharing= Disabled
sc config Nla= Manual
sc config Norton AntiVirus= Auto
sc config Norton Save and Restore= Auto
sc config NProtectService= Auto
sc config NtLmSsp= Manual
sc config NtmsSvc= Manual
sc config ose= Manual
sc config PlugPlay= Auto
sc config PolicyAgent= Manual
sc config ProtectedStorage= Auto
sc config psqlWGE= Manual
sc config RasAuto= Disabled
sc config RasMan= Manual
sc config RDSessMgr= Manual
sc config RemoteAccess= Disabled
sc config RpcLocator= Manual
sc config RpcSs= Auto
sc config RSVP= Manual
sc config SamSs= Auto
sc config SCardSvr= Manual
sc config Schedule= Auto
sc config seclogon= Auto
sc config SENS= Auto
sc config SharedAccess= Auto
sc config ShellHWDetection= Auto
sc config Speed Disk service= Manual
sc config Spooler= Auto
sc config srservice= Auto
sc config SSDPSRV= Manual
sc config stisvc= Auto
sc config SwPrv= Manual
sc config Symantec RemoteAssist= Manual
sc config SysmonLog= Manual
sc config TapiSrv= Manual
sc config TermService= Manual
sc config Themes= Auto
sc config TrkWks= Manual
sc config upnphost= Manual
sc config UPS= Manual
sc config Viewpoint Manager Service= Auto
sc config VSS= Manual
sc config W32Time= Manual
sc config WebClient= Manual
sc config winmgmt= Auto
sc config WmdmPmSN= Manual
sc config WmiApSrv= Manual
sc config WMPNetworkSvc= Manual
sc config wscsvc= Disabled
sc config wuauserv= Auto
sc config WudfSvc= Manual
sc config WZCSVC= Manual
sc config xmlprov= Manual
sc config klif start= demand
sc config ftsata2 start= demand
============================================

I'm still pretty busy with other things so I probably won't be back
until much later on.

John

PS. Were you trying to disable Services with CodeStuff Starter or just
items in the "Startups" tab?
Click to expand...
First, this is an HP-Compaq Presario Desktop, late 2006 model.

The drives I am now testing with are IDE.

I can't give an honest answer about Startups versus Services.
Their onboard info is no minimal, I just had to grope.
BTW...your ATI fix. I don't know if it's carried over to this
clone. Should I do it routinely anyway?

I will do the above this afternoon. And thanks again for your
patience and perseverance.
Bill
 
John said:
Is the computer a laptop or a desktop?

Run the batch file below, it will change the following services:

Ati HotKey Poller from Auto to Manual
ATI Smart from Auto to Manual
Browser from Auto to Manual
Dnscache from Auto to Manual
Eventlog from Manual to Auto
lanmanserver from Auto to Manual
LmHosts from Auto to Manual
MDM from Auto to Manual
psqlWGE from Auto to Manual
Speed Disk service from Auto to Manual
TermService from Auto to Manual
TrkWks from Auto to Manual
W32Time from Auto to Manual
WebClient from Auto to Manual
WZCSVC fom Auto to Manual

and change previously discovered nonexistent drivers:

sc config klif start= demand
sc config ftsata2 start= demand

Copy the stuff between the === lines and save it as a .bat file then run
the batch file (double click on it).


=========================================
rem first set of changes

sc config Alerter= Disabled
sc config ALG= Manual
sc config AppMgmt= Manual
sc config aspnet_state= Manual
sc config Ati HotKey Poller= Manual
sc config ATI Smart= Manual
sc config AudioSrv= Auto
sc config Automatic LiveUpdate Scheduler= Disabled
sc config BITS= Manual
sc config Browser= Manual
sc config CiSvc= Manual
sc config ClipSrv= Disabled
sc config clr_optimization_v2.0.50727_32= Manual
sc config COMSysApp= Manual
sc config CryptSvc= Auto
sc config DcomLaunch= Auto
sc config Dhcp= Auto
sc config dmadmin= Manual
sc config dmserver= Manual
sc config Dnscache= Manual
sc config ERSvc= Manual
sc config Eventlog= Auto
sc config EventSystem= Manual
sc config FastUserSwitchingCompatibility= Manual
sc config Fax= Manual
sc config FontCache3.0.0.0= Manual
sc config GEARSecurity= Disabled
sc config helpsvc= Auto
sc config HidServ= Disabled
sc config HTTPFilter= Manual
sc config IDriverT= Manual
sc config idsvc= Manual
sc config Imapi Helper= Manual
sc config ImapiService= Manual
sc config lanmanserver= Disabled
sc config lanmanworkstation= Auto
sc config LexBceS= Auto
sc config LiveUpdate= Manual
sc config LmHosts= Manual
sc config lxct_device= Auto
sc config MBAMService= Manual
sc config MDM= Manual
sc config Messenger= Disabled
sc config mnmsrvc= Manual
sc config MSIServer= Manual
sc config NetDDE= Disabled
sc config NetDDEdsdm= Disabled
sc config Netlogon= Manual
sc config Netman= Manual
sc config NetTcpPortSharing= Disabled
sc config Nla= Manual
sc config Norton AntiVirus= Auto
sc config Norton Save and Restore= Auto
sc config NProtectService= Auto
sc config NtLmSsp= Manual
sc config NtmsSvc= Manual
sc config ose= Manual
sc config PlugPlay= Auto
sc config PolicyAgent= Manual
sc config ProtectedStorage= Auto
sc config psqlWGE= Manual
sc config RasAuto= Disabled
sc config RasMan= Manual
sc config RDSessMgr= Manual
sc config RemoteAccess= Disabled
sc config RpcLocator= Manual
sc config RpcSs= Auto
sc config RSVP= Manual
sc config SamSs= Auto
sc config SCardSvr= Manual
sc config Schedule= Auto
sc config seclogon= Auto
sc config SENS= Auto
sc config SharedAccess= Auto
sc config ShellHWDetection= Auto
sc config Speed Disk service= Manual
sc config Spooler= Auto
sc config srservice= Auto
sc config SSDPSRV= Manual
sc config stisvc= Auto
sc config SwPrv= Manual
sc config Symantec RemoteAssist= Manual
sc config SysmonLog= Manual
sc config TapiSrv= Manual
sc config TermService= Manual
sc config Themes= Auto
sc config TrkWks= Manual
sc config upnphost= Manual
sc config UPS= Manual
sc config Viewpoint Manager Service= Auto
sc config VSS= Manual
sc config W32Time= Manual
sc config WebClient= Manual
sc config winmgmt= Auto
sc config WmdmPmSN= Manual
sc config WmiApSrv= Manual
sc config WMPNetworkSvc= Manual
sc config wscsvc= Disabled
sc config wuauserv= Auto
sc config WudfSvc= Manual
sc config WZCSVC= Manual
sc config xmlprov= Manual
sc config klif start= demand
sc config ftsata2 start= demand
============================================

I'm still pretty busy with other things so I probably won't be back
until much later on.

John

PS. Were you trying to disable Services with CodeStuff Starter or just
items in the "Startups" tab?
Click to expand...
************************************************************
Continuing on, John, I did as requested above, and will let
it run to see what happens. Already I found that it removed my printers
so that I can't print out any events that get recorded. I don't
know if you intended that, o what else it disabled, but for this test,
I can live with it. More later. A couple of hours......
Bill
 
John John - MVP wrote:
(snip)
John, I did as requested and installed the .bat file
and restarted around 1:50 PM. After just about an hour
(I wasn't watching) it decided to restart, and I just
recorder the Events Logs. I don't see anything big
there, other than that at 2:36 the entry says
"WIA entered the running state". So I now have the
big list of services set as you asked, and something
caused WIA to enter the running state. I have only
one clue as to what might have rebooted the system....
I *thought* I saw my room lights flicker, but it was
not enough to cause the clocks on appliances to request
reset. It could have been brief power interruption,
enough to cause reboot.

I'm going to restart again on that clone system, and this evening
I'll check the Events Logs again. Here's what I got just now;
it's big but you can snip it.
nformation 4/11/2010 8:07:37 AM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
Information 4/10/2010 8:43:13 PM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
Information 4/10/2010 8:43:11 PM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
Error 4/10/2010 7:43:58 PM COM+ (98) 4691 N/A COMPAQ-2006
Error 4/10/2010 7:43:58 PM MSDTC Client (10) 4427 N/A COMPAQ-2006
Information 4/10/2010 7:38:47 PM Norton Save and Restore Medium Priority 100 N/A COMPAQ-2006
Click to expand...



Type Date Time Source Category Event User Computer
Success Audit 4/11/2010 3:04:04 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:04:04 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:45 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Logon/Logoff 528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff 528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:17 PM Security Logon/Logoff 540
ANONYMOUS LOGON COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security Policy Change 806 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 538
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff 528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Privilege Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Logon/Logoff 528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 518 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event 514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:33 PM Security System Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:30 PM Security Privilege Use 576 LOCAL
SERVICE COMPAQ-2006


Type Date Time Source Category Event User Computer
Information 4/11/2010 3:06:10 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:06:06 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
Compaq_Owner COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:21 PM SRTSP None 2003 N/A COMPAQ-2006
Information 4/11/2010 3:02:50 PM Tcpip None 4201 N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6005 N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6009 N/A COMPAQ-2006
Information 4/11/2010 2:36:09 PM Service Control Manager None 7036 N/A
COMPAQ-2006
 
William said:
John John - MVP wrote:
(snip)
John, I did as requested and installed the .bat file
and restarted around 1:50 PM. After just about an hour
(I wasn't watching) it decided to restart, and I just
recorder the Events Logs. I don't see anything big
there, other than that at 2:36 the entry says
"WIA entered the running state". So I now have the
big list of services set as you asked, and something
caused WIA to enter the running state. I have only
one clue as to what might have rebooted the system....
I *thought* I saw my room lights flicker, but it was
not enough to cause the clocks on appliances to request
reset. It could have been brief power interruption,
enough to cause reboot.

I'm going to restart again on that clone system, and this evening
I'll check the Events Logs again. Here's what I got just now;
it's big but you can snip it.




Type Date Time Source Category Event User Computer
Success Audit 4/11/2010 3:04:04 PM Security Privilege
Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:04:04 PM Security Logon/Logoff
528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:45 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:43 PM Security Policy
Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Privilege
Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:42 PM Security Logon/Logoff
528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege
Use 576 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff
528 LOCAL
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Privilege
Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:41 PM Security Logon/Logoff
528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:17 PM Security Logon/Logoff
540
ANONYMOUS LOGON COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:10 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:09 PM Security Policy
Change 806 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege
Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account
Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
538
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Privilege
Use 576
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Logon/Logoff
528
Compaq_Owner COMPAQ-2006
Success Audit 4/11/2010 3:03:08 PM Security Account
Logon 680 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Privilege
Use 576 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security Logon/Logoff
528 NETWORK
SERVICE COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
518 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 3:03:05 PM Security System Event
514 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:33 PM Security System
Event 515 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:32 PM Security Policy
Change 850 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 849 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:31 PM Security Policy
Change 848 SYSTEM
COMPAQ-2006
Success Audit 4/11/2010 12:02:30 PM Security Privilege
Use 576 LOCAL
SERVICE COMPAQ-2006


Type Date Time Source Category Event User Computer
Information 4/11/2010 3:06:10 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:06:06 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
Compaq_Owner COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Information 4/11/2010 3:04:39 PM Service Control Manager
None 7035
SYSTEM COMPAQ-2006
Information 4/11/2010 3:04:21 PM SRTSP None 2003
N/A COMPAQ-2006
Information 4/11/2010 3:02:50 PM Tcpip None 4201
N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6005
N/A COMPAQ-2006
Information 4/11/2010 3:03:05 PM eventlog None 6009
N/A COMPAQ-2006
Information 4/11/2010 2:36:09 PM Service Control Manager
None 7036 N/A
COMPAQ-2006
Click to expand...
************************************************
And now the latest I simply repeated the above run, from 3:45 to 7:15 PM,
and the Log shows no errors at all, and not even any
events to complain about. There was a repeat of the
7035/7936 'Info' events telling about WIA's involvement,
but no hint of it ever having been asked to hibernate,
or not to. Maybe this is almost the success you were
looking for....namely, nothing is *stopping* it from
hibernating.......now if you can resuscitate that, you
hit the jack pot. (And of course, restore the Printer
association, and whatever else you may have removed.
Bill
 
William said:
And now the latest I simply repeated the above run, from 3:45 to 7:15 PM,
and the Log shows no errors at all, and not even any
events to complain about. There was a repeat of the
7035/7936 'Info' events telling about WIA's involvement,
but no hint of it ever having been asked to hibernate,
or not to. Maybe this is almost the success you were
looking for....namely, nothing is *stopping* it from
hibernating.......now if you can resuscitate that, you
hit the jack pot. (And of course, restore the Printer
association, and whatever else you may have removed.
Click to expand...

Nothing that was changed in the .bat file should have affected the
printer. I suspect that your web cam or your printer is responsible for
the WIA events, remove the web cam and the printer, completely! Remove
them and any software that was installed by them, you can reinstall them
later... and this is only a clone so no harm done with anything that you
do on it, so let't get these 2 things out of the picture completely!

John
 
John said:
Nothing that was changed in the .bat file should have affected the
printer. I suspect that your web cam or your printer is responsible for
the WIA events, remove the web cam and the printer, completely! Remove
them and any software that was installed by them, you can reinstall them
later... and this is only a clone so no harm done with anything that you
do on it, so let's get these 2 things out of the picture completely!

John
Click to expand...
Okay, John, will do, later this morning. But neither of those two
should have any reason for causing an event that would occur once
every hour. I hate to remove them by Add/Remove programs. How about
just manually changing their .exe files to .xxx files so that they
can't run?
 
William said:
Okay, John, will do, later this morning. But neither of those two
should have any reason for causing an event that would occur once
every hour. I hate to remove them by Add/Remove programs. How about
just manually changing their .exe files to .xxx files so that they
can't run?
Click to expand...

No, they must be properly removed by Add/Remove programs. Delete the
Lexmark printer in the Printers and Faxes section then uninstall all
Lexmark software. Also uninstall the Web cam.

John
 
John said:
No, they must be properly removed by Add/Remove programs. Delete the
Lexmark printer in the Printers and Faxes section then uninstall all
Lexmark software. Also uninstall the Web cam.

John
Click to expand...
Okay, John. I did the Add/Remove on all Lexmark and Creative Web Cam....
I did not go to Registry so their vestigial info is probably still
stored there. On rebooting, it kept referring to new Lexmark 5400 series
in little balloons off the toolbar, but I ignored them. When I go back
there I'll snoop to see what's really left behind.

But I made the 2+ hour run, and it did not hibernate. Here are the Event
Logs, and you'll notice WIA and Automatic Update. Perhaps you'd like to
give me specific instructions on what to do about disabling those before
I make my next run. I'll be waiting............
Type Date Time Source Category Event User Computer
Information 4/12/2010 8:46:10 AM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
Information 4/12/2010 8:46:07 AM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
Warning 4/12/2010 8:44:45 AM Userenv None 1517 SYSTEM COMPAQ-2006
Information 4/12/2010 8:35:59 AM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
Information 4/12/2010 8:35:57 AM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
Information 4/11/2010 3:46:12 PM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
Information 4/11/2010 3:46:09 PM Norton AntiVirus None 34 SYSTEM COMPAQ-2006
Information 4/11/2010 3:03:22 PM Norton AntiVirus None 35 SYSTEM COMPAQ-2006
Click to expand...
Type Date Time Source Category Event User Computer
Success Audit 4/12/2010 8:48:16 AM Security Privilege Use 576 NETWORK SERVICE COMPAQ-2006
Success Audit 4/12/2010 8:48:16 AM Security Logon/Logoff 528 NETWORK SERVICE COMPAQ-2006
Success Audit 4/12/2010 8:48:15 AM Security Privilege Use 576 NETWORK SERVICE COMPAQ-2006
Success Audit 4/12/2010 8:48:15 AM Security Logon/Logoff 528 NETWORK SERVICE COMPAQ-2006
Success Audit 4/12/2010 8:46:34 AM Security System Event 515 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 850 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM Security Policy Change 849 SYSTEM COMPAQ-2006
Success Audit 4/12/2010 8:46:33 AM
Click to expand...

(above snipped)
Type Date Time Source Category Event User Computer
Information 4/12/2010 11:19:22 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 11:19:21 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:48:15 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:48:12 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 Compaq_Owner COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8:47:26 AM Service Control Manager None 7035 SYSTEM COMPAQ-2006
Information 4/12/2010 8:47:11 AM SRTSP None 2003 N/A COMPAQ-2006
Information 4/12/2010 8:45:37 AM Tcpip None 4201 N/A COMPAQ-2006
Information 4/12/2010 8:45:52 AM eventlog None 6005 N/A COMPAQ-2006
Information 4/12/2010 8:45:52 AM eventlog None 6009 N/A COMPAQ-2006
Information 4/12/2010 8:44:48 AM eventlog None 6006 N/A COMPAQ-2006
Information 4/12/2010 8:43:22 AM Service Control Manager None 7035 Compaq_Owner COMPAQ-2006
Information 4/12/2010 8:43:22 AM Service Control Manager None 7036 N/A COMPAQ-2006
Information 4/12/2010 8
Click to expand...

(above snipped)
 
William said:
Okay, John. I did the Add/Remove on all Lexmark and Creative Web Cam....
I did not go to Registry so their vestigial info is probably still
stored there.
Click to expand...

Don't bother with the registry, remnants in there shouldn't hurt anything.

On rebooting, it kept referring to new Lexmark 5400 series
in little balloons off the toolbar, but I ignored them. When I go back
there I'll snoop to see what's really left behind.
Click to expand...

Windows is discovering the printer, disconnect the printer from the
computer.

But I made the 2+ hour run, and it did not hibernate. Here are the Event
Logs, and you'll notice WIA and Automatic Update. Perhaps you'd like to
give me specific instructions on what to do about disabling those before
I make my next run. I'll be waiting............
Click to expand...

Let it do it's automatic updates and then try again.

John
 
Back
Top