M A W :
I don't think there's a edit option for inserting long lists of text here unlike some programming forums I know. Copy/paste the text here (might have to use Ctrl + c to copy and Ctrl + v to paste) and just leave an extra row between each event so it's easy to distinguish them from each other. Also, you don't have to list all of them for that day. Mainly the ones time stamped leading right up to the point you got a BSOD.
*Application Logs*
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 9/4/2013 11:00:53 PM
Event ID: 1020
Task Category: Setup
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 4.0.30319.0" />
<EventID Qualifiers="32768">1020</EventID>
<Level>3</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T04:00:53.000000000Z" />
<EventRecordID>17323</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: Application
Source: ASP.NET 4.0.30319.0
Date: 9/4/2013 11:00:48 PM
Event ID: 1020
Task Category: Setup
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ASP.NET 4.0.30319.0" />
<EventID Qualifiers="32768">1020</EventID>
<Level>3</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T04:00:48.000000000Z" />
<EventRecordID>17317</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 10:31:12 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
Unregistering VAD endpoint [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:31:12.000000000Z" />
<EventRecordID>17156</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>Unregistering VAD endpoint [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 10:30:56 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
NvVAD endpoint registered successfully [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:56.000000000Z" />
<EventRecordID>17151</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>NvVAD endpoint registered successfully [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: Microsoft-Windows-Winlogon
Date: 9/4/2013 10:30:19 PM
Event ID: 6000
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
<EventID Qualifiers="32768">6000</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:19.000000000Z" />
<EventRecordID>17146</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>GPClient</Data>
<Binary>D9060000</Binary>
</EventData>
</Event>
Log Name: Application
Source: Microsoft-Windows-Winlogon
Date: 9/4/2013 10:30:18 PM
Event ID: 6000
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
<EventID Qualifiers="32768">6000</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:18.000000000Z" />
<EventRecordID>17143</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>GPClient</Data>
<Binary>D9060000</Binary>
</EventData>
</Event>
Log Name: Application
Source: Microsoft-Windows-Winlogon
Date: 9/4/2013 10:28:03 PM
Event ID: 6000
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Winlogon" Guid="{DBE9B383-7CF3-4331-91CC-A3CB16A3B538}" EventSourceName="Wlclntfy" />
<EventID Qualifiers="32768">6000</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:03.000000000Z" />
<EventRecordID>17140</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>GPClient</Data>
<Binary>D9060000</Binary>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 10:05:42 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
Unregistering VAD endpoint [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:42.000000000Z" />
<EventRecordID>17098</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>Unregistering VAD endpoint [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 10:05:32 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
NvVAD endpoint registered successfully [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:32.000000000Z" />
<EventRecordID>17094</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>NvVAD endpoint registered successfully [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 8:14:39 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
Unregistering VAD endpoint [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T01:14:39.000000000Z" />
<EventRecordID>17063</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>Unregistering VAD endpoint [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: NvStreamSvc
Date: 9/4/2013 8:14:35 PM
Event ID: 1
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The description for Event ID 1 from source NvStreamSvc cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
NvStreamSvc
NvVAD endpoint registered successfully [0]
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="NvStreamSvc" />
<EventID Qualifiers="49154">1</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T01:14:35.000000000Z" />
<EventRecordID>17061</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>NvStreamSvc</Data>
<Data>NvVAD endpoint registered successfully [0]</Data>
</EventData>
</Event>
Log Name: Application
Source: Application Error
Date: 9/4/2013 3:54:24 AM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x521e92bd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x79766165
Faulting process id: 0x174
Faulting application start time: 0x01cea93b5f585b5e
Faulting application path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Faulting module path: unknown
Report Id: 982bc5c6-153f-11e3-b593-00224d843791
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-04T08:54:24.000000000Z" />
<EventRecordID>16900</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>PlanetSide2.exe</Data>
<Data>0.0.0.0</Data>
<Data>521e92bd</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000005</Data>
<Data>79766165</Data>
<Data>174</Data>
<Data>01cea93b5f585b5e</Data>
<Data>C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe</Data>
<Data>unknown</Data>
<Data>982bc5c6-153f-11e3-b593-00224d843791</Data>
</EventData>
</Event>
Log Name: Application
Source: Application Error
Date: 9/4/2013 1:52:07 AM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x521e92bd
Faulting module name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x521e92bd
Exception code: 0xc0000005
Fault offset: 0x017fa826
Faulting process id: 0x1018
Faulting application start time: 0x01cea93231dab68e
Faulting application path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Faulting module path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Report Id: 82f71d6d-152e-11e3-b593-00224d843791
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-04T06:52:07.000000000Z" />
<EventRecordID>16891</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>PlanetSide2.exe</Data>
<Data>0.0.0.0</Data>
<Data>521e92bd</Data>
<Data>PlanetSide2.exe</Data>
<Data>0.0.0.0</Data>
<Data>521e92bd</Data>
<Data>c0000005</Data>
<Data>017fa826</Data>
<Data>1018</Data>
<Data>01cea93231dab68e</Data>
<Data>C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe</Data>
<Data>C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe</Data>
<Data>82f71d6d-152e-11e3-b593-00224d843791</Data>
</EventData>
</Event>
Log Name: Application
Source: Application Error
Date: 9/4/2013 12:43:01 AM
Event ID: 1000
Task Category: (100)
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time stamp: 0x521e92bd
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x30363838
Faulting process id: 0xb40
Faulting application start time: 0x01cea91e6521e11b
Faulting application path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Faulting module path: unknown
Report Id: dbe6eed9-1524-11e3-b593-00224d843791
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-04T05:43:01.000000000Z" />
<EventRecordID>16889</EventRecordID>
<Channel>Application</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>PlanetSide2.exe</Data>
<Data>0.0.0.0</Data>
<Data>521e92bd</Data>
<Data>unknown</Data>
<Data>0.0.0.0</Data>
<Data>00000000</Data>
<Data>c0000005</Data>
<Data>30363838</Data>
<Data>b40</Data>
<Data>01cea91e6521e11b</Data>
<Data>C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe</Data>
<Data>unknown</Data>
<Data>dbe6eed9-1524-11e3-b593-00224d843791</Data>
</EventData>
</Event>
*System Logs*
Log Name: System
Source: Microsoft-Windows-Wininit
Date: 9/4/2013 10:30:57 PM
Event ID: 11
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: Darkstar
Description:
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />
<EventID>11</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:57.473630800Z" />
<EventRecordID>8032</EventRecordID>
<Correlation />
<Execution ProcessID="488" ThreadID="516" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="StringCount">1</Data>
<Data Name="String">C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll</Data>
</EventData>
</Event>
Log Name: System
Source: e1cexpress
Date: 9/4/2013 10:30:45 PM
Event ID: 27
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Intel(R) 82579V Gigabit Network Connection
Network link is disconnected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="e1cexpress" />
<EventID Qualifiers="40964">27</EventID>
<Level>3</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:45.334410300Z" />
<EventRecordID>7982</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>Intel(R) 82579V Gigabit Network Connection</Data>
<Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:30:06 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:06.498671200Z" />
<EventRecordID>7955</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:30:06 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:06.498671200Z" />
<EventRecordID>7954</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:30:06 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:30:06.498671200Z" />
<EventRecordID>7953</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 9/4/2013 10:29:32 PM
Event ID: 10005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server:
{DCAB0989-1301-4319-BE5F-ADE89F88581C}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="49152">10005</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:29:32.000000000Z" />
<EventRecordID>7951</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">1084</Data>
<Data Name="param2">NVSvc</Data>
<Data Name="param3">
</Data>
<Data Name="param4">{DCAB0989-1301-4319-BE5F-ADE89F88581C}</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:22 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:22.490479100Z" />
<EventRecordID>7950</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="552" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:22 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:22.490479100Z" />
<EventRecordID>7949</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="552" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:22 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:22.490479100Z" />
<EventRecordID>7948</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="552" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:12 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:12.490861500Z" />
<EventRecordID>7947</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:12 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:12.490861500Z" />
<EventRecordID>7946</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:12 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:12.490861500Z" />
<EventRecordID>7945</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="532" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">Computer Browser</Data>
<Data Name="param2">Server</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:28:11 PM
Event ID: 7001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:11.788860300Z" />
<EventRecordID>7944</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="552" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">HomeGroup Provider</Data>
<Data Name="param2">Function Discovery Provider Host</Data>
<Data Name="param3">%%1068</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 9/4/2013 10:28:11 PM
Event ID: 10005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="49152">10005</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:11.000000000Z" />
<EventRecordID>7941</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">1084</Data>
<Data Name="param2">WSearch</Data>
<Data Name="param3">
</Data>
<Data Name="param4">{9E175B6D-F52A-11D8-B9A5-505054503030}</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 9/4/2013 10:28:11 PM
Event ID: 10005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="49152">10005</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:11.000000000Z" />
<EventRecordID>7940</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">1084</Data>
<Data Name="param2">WSearch</Data>
<Data Name="param3">
</Data>
<Data Name="param4">{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 9/4/2013 10:28:09 PM
Event ID: 10005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="49152">10005</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:09.000000000Z" />
<EventRecordID>7939</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">1084</Data>
<Data Name="param2">EventSystem</Data>
<Data Name="param3">
</Data>
<Data Name="param4">{1BE1F766-5536-11D1-B726-00C04FB926AF}</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 9/4/2013 10:28:04 PM
Event ID: 10005
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="49152">10005</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:28:04.000000000Z" />
<EventRecordID>7937</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">1084</Data>
<Data Name="param2">ShellHWDetection</Data>
<Data Name="param3">
</Data>
<Data Name="param4">{DD522ACC-F821-461A-A407-50B198B896DC}</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Wininit
Date: 9/4/2013 10:27:56 PM
Event ID: 11
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: Darkstar
Description:
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />
<EventID>11</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:56.812834000Z" />
<EventRecordID>7936</EventRecordID>
<Correlation />
<Execution ProcessID="340" ThreadID="364" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="StringCount">1</Data>
<Data Name="String">C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll</Data>
</EventData>
</Event>
Log Name: System
Source: Service Control Manager
Date: 9/4/2013 10:27:53 PM
Event ID: 7026
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The following boot-start or system-start driver(s) failed to load:
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
discache
spldr
Wanarpv6
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7026</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:53.100027400Z" />
<EventRecordID>7935</EventRecordID>
<Correlation />
<Execution ProcessID="408" ThreadID="412" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
discache
spldr
Wanarpv6</Data>
</EventData>
</Event>
Log Name: System
Source: e1cexpress
Date: 9/4/2013 10:27:43 PM
Event ID: 27
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Intel(R) 82579V Gigabit Network Connection
Network link is disconnected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="e1cexpress" />
<EventID Qualifiers="40964">27</EventID>
<Level>3</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:43.537210600Z" />
<EventRecordID>7912</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>Intel(R) 82579V Gigabit Network Connection</Data>
<Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 9/4/2013 10:27:40 PM
Event ID: 41
Task Category: (63)
Level: Critical
Keywords: (2)
User: SYSTEM
Computer: Darkstar
Description:
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>41</EventID>
<Version>2</Version>
<Level>1</Level>
<Task>63</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000002</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:40.542005400Z" />
<EventRecordID>7908</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="8" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="BugcheckCode">59</Data>
<Data Name="BugcheckParameter1">0xc0000005</Data>
<Data Name="BugcheckParameter2">0xfffff960000f79f6</Data>
<Data Name="BugcheckParameter3">0xfffff88006d44070</Data>
<Data Name="BugcheckParameter4">0x0</Data>
<Data Name="SleepInProgress">false</Data>
<Data Name="PowerButtonTimestamp">0</Data>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-WER-SystemErrorReporting
Date: 9/4/2013 10:27:49 PM
Event ID: 1001
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: DARKSTAR
Description:
The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff960000f79f6, 0xfffff88006d44070, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 090413-10842-01.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:49.000000000Z" />
<EventRecordID>7907</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>DARKSTAR</Computer>
<Security />
</System>
<EventData>
<Data Name="param1">0x0000003b (0x00000000c0000005, 0xfffff960000f79f6, 0xfffff88006d44070, 0x0000000000000000)</Data>
<Data Name="param2">C:\Windows\MEMORY.DMP</Data>
<Data Name="param3">090413-10842-01</Data>
</EventData>
</Event>
Log Name: System
Source: EventLog
Date: 9/4/2013 10:27:49 PM
Event ID: 6008
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The previous system shutdown at 10:25:34 PM on 9/4/2013 was unexpected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="EventLog" />
<EventID Qualifiers="32768">6008</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:49.000000000Z" />
<EventRecordID>7903</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>10:25:34 PM</Data>
<Data>9/4/2013</Data>
<Data>
</Data>
<Data>
</Data>
<Data>1218</Data>
<Data>
</Data>
<Data>
</Data>
<Binary>DD07090003000400160019002200FE01DD07090004000500030019002200FE01600900003C000000010000006009000000000000B00400000100000000000000</Binary>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Wininit
Date: 9/4/2013 10:05:33 PM
Event ID: 11
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: Darkstar
Description:
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />
<EventID>11</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:33.186028500Z" />
<EventRecordID>7830</EventRecordID>
<Correlation />
<Execution ProcessID="484" ThreadID="512" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="StringCount">1</Data>
<Data Name="String">C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll</Data>
</EventData>
</Event>
Log Name: System
Source: e1cexpress
Date: 9/4/2013 10:05:21 PM
Event ID: 27
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Intel(R) 82579V Gigabit Network Connection
Network link is disconnected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="e1cexpress" />
<EventID Qualifiers="40964">27</EventID>
<Level>3</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:21.304808500Z" />
<EventRecordID>7781</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>Intel(R) 82579V Gigabit Network Connection</Data>
<Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Kernel-Power
Date: 9/4/2013 10:05:19 PM
Event ID: 41
Task Category: (63)
Level: Critical
Keywords: (2)
User: SYSTEM
Computer: Darkstar
Description:
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" />
<EventID>41</EventID>
<Version>2</Version>
<Level>1</Level>
<Task>63</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000002</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:19.479605300Z" />
<EventRecordID>7777</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="8" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="BugcheckCode">0</Data>
<Data Name="BugcheckParameter1">0x0</Data>
<Data Name="BugcheckParameter2">0x0</Data>
<Data Name="BugcheckParameter3">0x0</Data>
<Data Name="BugcheckParameter4">0x0</Data>
<Data Name="SleepInProgress">false</Data>
<Data Name="PowerButtonTimestamp">0</Data>
</EventData>
</Event>
Log Name: System
Source: EventLog
Date: 9/4/2013 10:05:25 PM
Event ID: 6008
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The previous system shutdown at 10:00:53 PM on 9/4/2013 was unexpected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="EventLog" />
<EventID Qualifiers="32768">6008</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:25.000000000Z" />
<EventRecordID>7772</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>10:00:53 PM</Data>
<Data>9/4/2013</Data>
<Data>
</Data>
<Data>
</Data>
<Data>6397</Data>
<Data>
</Data>
<Data>
</Data>
<Binary>DD07090003000400160000003500AB01DD07090004000500030000003500AB01600900003C000000010000006009000000000000B00400000100000000000000</Binary>
</EventData>
</Event>
Log Name: System
Source: volsnap
Date: 9/4/2013 9:07:50 PM
Event ID: 36
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="volsnap" />
<EventID Qualifiers="49158">36</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T02:07:50.190982000Z" />
<EventRecordID>7759</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>\Device\HarddiskVolumeShadowCopy4</Data>
<Data>C:</Data>
<Binary>000000000200300000000000240006C0020000000000000000000000000000000000000000000000</Binary>
</EventData>
</Event>
Log Name: System
Source: Microsoft-Windows-Wininit
Date: 9/4/2013 8:14:38 PM
Event ID: 11
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: Darkstar
Description:
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />
<EventID>11</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T01:14:38.280637100Z" />
<EventRecordID>7697</EventRecordID>
<Correlation />
<Execution ProcessID="524" ThreadID="552" />
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="StringCount">1</Data>
<Data Name="String">C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll</Data>
</EventData>
</Event>
Log Name: System
Source: e1cexpress
Date: 9/4/2013 8:14:25 PM
Event ID: 27
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Darkstar
Description:
Intel(R) 82579V Gigabit Network Connection
Network link is disconnected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="e1cexpress" />
<EventID Qualifiers="40964">27</EventID>
<Level>3</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T01:14:25.844416500Z" />
<EventRecordID>7646</EventRecordID>
<Channel>System</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<EventData>
<Data>
</Data>
<Data>Intel(R) 82579V Gigabit Network Connection</Data>
<Binary>0000040002003000000000001B0004A00000000000000000000000000000000000000000000000001B0004A0</Binary>
</EventData>
</Event>
*Security Logs*
Log Name: Security
Source: Microsoft-Windows-Eventlog
Date: 9/4/2013 10:27:50 PM
Event ID: 1101
Task Category: Event processing
Level: Error
Keywords: Audit Success
User: N/A
Computer: Darkstar
Description:
Audit events have been dropped by the transport. 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Eventlog" Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" />
<EventID>1101</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>101</Task>
<Opcode>0</Opcode>
<Keywords>0x4020000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:27:50.120422200Z" />
<EventRecordID>7030</EventRecordID>
<Correlation />
<Execution ProcessID="716" ThreadID="808" />
<Channel>Security</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<UserData>
<AuditEventsDropped xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
<Reason>0</Reason>
</AuditEventsDropped>
</UserData>
</Event>
Log Name: Security
Source: Microsoft-Windows-Eventlog
Date: 9/4/2013 10:05:25 PM
Event ID: 1101
Task Category: Event processing
Level: Error
Keywords: Audit Success
User: N/A
Computer: Darkstar
Description:
Audit events have been dropped by the transport. 0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Eventlog" Guid="{fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148}" />
<EventID>1101</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>101</Task>
<Opcode>0</Opcode>
<Keywords>0x4020000000000000</Keywords>
<TimeCreated SystemTime="2013-09-05T03:05:25.438815700Z" />
<EventRecordID>6978</EventRecordID>
<Correlation />
<Execution ProcessID="964" ThreadID="360" />
<Channel>Security</Channel>
<Computer>Darkstar</Computer>
<Security />
</System>
<UserData>
<AuditEventsDropped xmlns:auto-ns3="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://manifests.microsoft.com/win/2004/08/windows/eventlog">
<Reason>0</Reason>
</AuditEventsDropped>
</UserData>
</Event>
So, I don't remember what time exactly the system had it's errors, but I do remember the day. So these logs are from that day. All of the BSOD problems first mentioned are all from that same day as well. In addition to that, the system has actually had a couple more BSOD errors since then.