M$ Security Tools : LogonSessions – free

If you think that when you logon to a system there’s only one active logon session, this utility will surprise you. It lists the currently active logon sessions and, if you specify the -p option, the processes running in each session.

Download

Result Below :

C:Documents and SettingsAdministratorDesktop>logonsessions.exe

Logonsesions v1.1
Copyright (C) 2004 Bryce Cogswell and Mark Russinovich
Sysinternals – wwww.sysinternals.com

[0] Logon session 00000000:000003e7:
User name:       WORKGROUPHOMER$
Auth package: NTLM
Logon type:     (none)
Session:           0
Sid:                   S-1-5-18
Logon time:     12/12/2009 3:47:26 PM
Logon server:
DNS Domain:
UPN:

[1] Logon session 00000000:0000e5c6:
User name:
Auth package: NTLM
Logon type:     (none)
Session:           0
Sid:                   (none)
Logon time:     12/12/2009 3:47:26 PM
Logon server:
DNS Domain:
UPN:

[2] Logon session 00000000:000003e4:
User name:       NT AUTHORITYNETWORK SERVICE
Auth package: Negotiate
Logon type:     Service
Session:           0
Sid:                   S-1-5-20
Logon time:     12/12/2009 3:47:27 PM
Logon server:
DNS Domain:
UPN:

[3] Logon session 00000000:000003e5:
User name:       NT AUTHORITYLOCAL SERVICE
Auth package: Negotiate
Logon type:     Service
Session:           0
Sid:                   S-1-5-19
Logon time:     12/12/2009 3:47:28 PM
Logon server:
DNS Domain:
UPN:

[4] Logon session 00000000:000115b5:
User name:       HOMERAdministrator
Auth package: NTLM
Logon type:     Interactive
Session:           0
Sid:                   S-1-5-21-1659004503-1454471165-682003330-500
Logon time:     12/12/2009 3:47:28 PM
Logon server: HOMER
DNS Domain:
UPN:

[5] Logon session 00000000:00028242:
User name:       NT AUTHORITYANONYMOUS LOGON
Auth package: NTLM
Logon type:     Network
Session:           0
Sid:                   S-1-5-7
Logon time:     12/12/2009 3:47:44 PM
Logon server:
DNS Domain:
UPN:

[6] Logon session 00000000:000492f4:
User name:       HOMER__vmware_user__
Auth package: NTLM
Logon type:     Interactive
Session:           0
Sid:                   S-1-5-21-1659004503-1454471165-682003330-1004
Logon time:     12/12/2009 3:48:08 PM
Logon server: HOMER
DNS Domain:
UPN:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.